Setting an Authentication Source Category to Distinguish Users
and Groups Imported from a Particular Domain
On the Main Settings page of the Authentication Source
Editor, you set the prefix you want to add to user and group names
to distinguish the domain from which they were imported. For example,
if you enter myDomain, each user name and each group name will
be prefixed by the string myDomain; myUser becomes myDomain\myUser and myGroup becomes myDomain\myGroup.
- If the Authentication Source Editor is not already open,
open it now by creating an authentication source.
Note: You can set the category only during authentication source
creation.
- Under Category, in the Authentication Source Category box, type the prefix you
want to add to user and group names to distinguish that they were
imported from this domain.
Generally, you can set the category to any value you want, but
there are a few important considerations:
- Do not include spaces in the prefix.
- After you create this authentication source you cannot change
the category value.
- If you are using Windows Integrated Authentication (WIA) as your
single sign-on (SSO) authentication provider, your authentication
source category must match the domain name.
- You might want the authentication source category to match the
domain name if you are going to import security information. Some
content crawlers have the ability to import security information with
the imported content, making portal security much easier to maintain.
For this to work, the users with access to the imported content need
to correspond to portal users, as specified in the Global ACL Sync
Map. If the authentication source category matches the name of the
source domain, this correspondence is automatic.
- Multiple authentication sources can use the same category. However,
because the prefix is prepended to the user and group names, you need
to be certain that the domains involved do not have different users
or groups with the same name. That is, if a LizaR user exists on one
domain, and a LizaR user exists on another domain, they must be the
same user because only one user will be created.