Table of Contents
Advertisement
Reconciling login policies
Breeze and the Microsoft NTLM have different login policies for authenticating users. These
policies must be reconciled before the user can employ a single login to access Breeze and other
applications. The organization's login and password policy determines what the external login
looks like. By default, Breeze employs the user's email address (jdoe@mycompany.com) and
password as the primary login to authenticate the user. Breeze can be configured to use an external
login as authentication.
For example, NTLM employs a login policy of username and password. The username can be a
variant of the user's real name (jdoe), employee ID number (1234), or an encrypted name. Once
again, the organization's login and password policy determines what the username looks like.
The Breeze login and password policy is configured in Breeze Manager (select Administration >
Edit Login and Password Policies). In the Login Policy section, you can specify whether or not to
use the user's email login as the default login to Breeze. Select No to have Breeze accept a
username as the authentication mechanism. This configuration matches the Breeze password
policy with the NTLM password policy.
Configuring the Breeze Directory Service Integration
The administrator uses the Directory Service tab of the Application Management Console to
control the integration of the enterprise's directory services with the Breeze directory of users and
groups. To perform a directory integration task, you must be defined as an administrator in your
Breeze profile. An administrator is defined on the Create Administrator screen of the Application
Management Console.
Breeze has its own directory of security principals (users and groups). Directory synchronization
integrates Breeze with an organization's Directory Service. This is a one-way synchronization that
copies the information about principals from the external directory to the Breeze directory.
Integration of the directories of the organization and of Breeze is performed on the Console. You
use the Console to perform the following tasks:
•
Directory Service settings
"Configure the connection settings"
"Map the Breeze user profile to the Directory Service" on page 65
"Map the Breeze group profile to the Directory Service" on page 68
•
Synchronization settings
"Schedule the synchronization" on page 70
"Define the password policies" on page 75
"Define the deletion policies" on page 76
"Define the synchronization action" on page 70
•
Log files
"View the synchronization log files" on page 72
"Log file format" on page 73
62
Chapter 4: Post-installation
Advertisement
Table of Contents
Troubleshooting
