Summary


This article describes the various methods for managing authentication to the InfoBurst Platform.


Windows Authentication


Windows Authentication allows a user to sign in automatically based on the user's NTUser information.


Recommendations

  • Only Internet Explorer can be used with Windows Authentication
  • Users must add NTUser in user profile before using Windows Authentication

Enable Windows Authentication

Disable Windows Authentication


Windows Authentication can be disabled via the user interface by following the steps above to set Authentication Mode to InfoBurst. If user interface access is not possible due to a configuration issue with Windows Authentication, then follow these steps to disable Windows Authentication using IBConfig.

  • Open a command prompt (Run as administrator)
  • Change directory to the application root folder (default = C:\Program Files (x86)\InfoSol\InfoBurstPlatform)
  • Enter IBConfig AuthMode AuthIB
  • Enter IBConfig to confirm the change
  • Restart the InfoBurstPlatform service


Active Directory Synchronization

Use Active Directory Group Synchronization to synchronize one or more Active Directory groups when using Windows Authentication.
  • Users from a synced AD group become InfoBurst users
  • Synced AD users are added to InfoBurst group equivalent to their AD group
  • Email and NTUser user account attributes are updated from AD
  • Password, Email and NTUser attributes are lokced for AD-synced user accounts
  • AD-synced user accounts cannot be deleted
  • AD-synced user is automatically disabled when corresponding AD user is disabled or deleted

Recommendations
  • The following prerequisites must be fulfilled prior to using Active Directory Synchronization:
  • A server backup should be performed prior to enabling Active Directory Synchronization

Add an AD Group

Options
  • Synchronize every: Set the synchronization frequency (minutes)
  • Force Sync: Force a synchronization

Identifying AD-Synced Users/Groups

AD-synced users and groups are signified by a lock icon.

Authentication Data Source

Use Authentication Data Source (ADS) to manage users from a tabular Data Source (Database Query, Excel, or MultiColumn List).
  • User from ADS is automatically added to InfoBurst upon first authentication attempt
  • Password, email address, and NTUser details are automatically updated in InfoBurst
  • ADS can be used to manage InfoBurst Portal users, dashboard consumers, and users of the main InfoBurst user interface
  • User is automatically disabled or deleted based on ADS status
  • Manage mobile dashboard consumers where Windows Authentication is not feasible and Windows Authentication is enabled

Data Source Requirements


The data source may contain the following columns:


Required
Optional
user
password
role
group
email
ntuser
status


Use the following aliases to define user roles in the data source:


RoleAlias
Administratoradministrator
Operatoroperator
Project Managerprojectmanager
Team Memberteammember
Report Consumerreportconsumer
Dashboard Consumerdashboardconsumer


Create the Authentication Data Source


Create a Database Query, Excel File List, or MultiColumn List data source.


Apply the Authentication Data Source

Identifying ADS Users


ADS users are signified by a lock icon.


Disable a User


To disable an ADS user, set the status column to disabled.


Delete a User


To delete an ADS user, delete the user record from the data source. If the user owns objects in InfoBurst, then the InfoBurst user will be disabled until the objects are migrated to another user or deleted.


Dashboard Connectors

With Windows Authentication enabled, the standard InfoBurst web service port (8551) requires the authenticating user be on a Windows platform. Mobile Authentication makes standard InfoBurst authentication available over port 8552. The dashboard connector or Connection Manager must be configured for Mobile Authentication:
  • Select Mobile Authentication 
  • Server:Port: <IB_SERVER>:8552


1119_001.png


See Also


User & Group Management