Authentication#
The HRM curently supports three user authentication mechanisms:
Simple, internal user management module (default - no additional configuration needed)
Generic LDAP server
Microsoft’s Active Directory - (AD) server
The HRM can be configured to use LDAP/AD to test user credentials and obtain limited user information (e-mail address angd group).
You can enable any combination of authentication mechanisms by editing $HRM_CONFIG/hrm_config.inc
.
The first one is the default for new users. Valid examples are:
<?php
...
// Only integrated authentication (default)
$authenticateAgainst = array("integrated");
// Authenticate against Active Directory by default;
// some users may be checked against integrated authentication
$authenticateAgainst = array("active_dir", "integrated");
// Integrated authentication by default;
// some users may be authenticated against ldap
$authenticateAgainst = array("integrated", "ldap");
// This is also possible, however unlikely in reality:
$authenticateAgainst = array("active_dir", "ldap", "integrated");
...
The following pages explain the required configuration steps for the support authentication mechanisms: