Configuring Microsoft Users

Restriction: This topic applies only when the Enterprise Server feature is enabled.

With LDAP-based security for Enterprise Server using a security configuration that includes the MLDAP ESM Module, you can configure your installation so that authentication uses the standard Microsoft user objects in Active Directory, that is, the same user objects that are used for Windows authentication. With this configuration, users sign on to Enterprise Server using their Windows usernames and passwords, and Windows logon restrictions apply.

Note: When you set this configuration, you can no longer use the Enterprise Server user administration functionality to manage users. You must do this through your normal Microsoft user management interface.

To configure the system to use Microsoft standard users, you need to set the security manager's configuration as per the example below:

    [LDAP]
    base=
    user class=user
    user container=cn=users,dc=company,dc=com
    group container=cn=enterprise server user groups,cn=micro focus,
      cn=program data,dc=company,dc=com
    resource container=cn=enterprise server resources,cn=micro focus,
     cn=program data,dc=company,dc=com
    [Verify]
    mode=bind

user class environment variable to a value of: user

If this setting is not present, user class=microfocus-MFDS-User which is the default setting is used.