Instead of using its own database to authenticate users, TEAMS-RDS can be configured to connect to a corporate active directory server to authenticate and authorize users.
NOTE – Active Directory support is available only on TEAMS-RDS version 12.x and later.
There are two ways of configuring TEAMS-RDS to support active directory authentication, depending on the version of TEAMS-RDS, or where TEAMS-RDS is installed:
- Choose method 1 if ANY of the is true:
- You have TEAMS-RDS version 12.x.
- TEAMS-RDS is installed on a Linux server.
- TEAMS-RDS is installed on a Windows server that is not part of the active directory domain.
- Choose method 2 if ALL of the following is true:
- You have TEAMS-RDS version 14.x, and
- TEAMS-RDS is installed on a Windows server that is part of the active directory domain.
Method 1. I have TEAMS-RDS version 12.x, or TEAMS-RDS is installed on Linux server, or on a Windows server that is not a member of the active directory domain
Method 2. TEAMS-RDS server is installed on a Windows server that is a member of the domain
Configure user roles
The user roles are obtained from the active directory “memberOf” attribute. These roles are unlikely to match the user roles expected by TEAMS-RDS. To map the Active Directory user roles to TEAMS-RDS roles, edit. The general format is:
For example, assume that we want to grant users who are members of “Technical Support Staff” and “Field Engineer” the TEAMS-RDS role of “Field Technician”:
Now, when a user who is a member of “Technical Support Staff” or “Field Engineer” logs into TEAMS-RDS, he will have the privileges of a Field Technician.
All the available TEAMS-RDS roles are specified in; edit the file to map TEAMS-RDS roles to the active directory attribute(s) for users.
NOTE – The following feature is not available on TEAMATE version prior to 14.0.
TEAMATE is already configured to use Windows authentication AND to automatically log the user in. The configuration specified inas described above is not applicable for TEAMATE.
Since TEAMATE mainly operates in offline mode, it will use the user information that is cached by Windows.
When connecting to TEAMS-RDS for model/log synchronization via HTTP, the user will need to enter his Windows credential to log in to TEAMS-RDS to synchronize, even if TEAMS-RDS has been configured for “single sign-on”.
NOTE – If TEAMATE displays the Windows Security logon prompt, instead of automatically logging in the user, then the site http://127.0.0.1 needs to be added to the “Local intranet” site:
- From Internet Explorer, choose the Tools/Internet Options menu.
- Select the “Security” tab.
- Click the “Local Intranet” icon.
- Click the Sites button.
- Click “Advanced”.
- Add “http://127.0.0.1” to list of Websites