If enabled, CSM can use Windows/LDAP credentials to authenticate users and customers.
To use Windows credentials:
- Windows or Active Directory must be enabled for each client in CSM Administrator. Navigate to Security > Edit security settings, select Desktop Client, Browser Client, or Browser Portal, and finally select Windows or LDAP as the login mode. See Configure Login Authentication for Each Client.
- The Windows login ID must be provided for each user's CSM. See Create a User Profile or Create a Customer Record.
In the CSM Desktop Client, Windows credentials are automatically used, if enabled. In the Edge browser, the CSM Browser Client can automatically retrieve the user's/customer's credentials from the system and pass them to the server. In other browsers, users and customers might be prompted to provide Windows credentials. The browser validates the credentials before passing them to the server. If users or customers have previously provided credentials to the browser, they might not be prompted to provide their credentials.
If users or customers are not currently logged in to their standard Windows system (example: they are logging in from a mobile device or from outside the network), or their system is configured to use an alternate LDAP provider that does not provide direct Windows validation, they can still use their Windows/LDAP Credentials for single sign-on.
Users and customers provide their Windows (or LDAP) credentials in the User Name field and their Windows (or LDAP) credentials in the Password field. When the Login button is selected, CSM confirms that the specified credentials are valid, and if so, logs the user or customer in.
The user/customer must specify a fully qualified ID in the format domain\user-id.
Caution: HTTPS is the recommended protocol for production environments. When HTTP is used instead, credentials are visible when they are passed from the browser to the server and may pose security risks.