Lightweight Directory Access Protocol (LDAP) (also known as Active Directory or Directory Server) with Single Sign On capability is currently available in FCS Express. To request access and pricing for LDAP integration please contact support@denovosoftware.com. LDAP in FCS Express is only supported for Simple Bind configurations.

 

The LDAP dialog (Figure 18.25) can be accessed through the File tab→Security→Edit Security Configuration→LDAP tab.

 

If you are attempting to edit the security configuration for LDAP you must be connected to the LDAP server.

 

 

 

LDAP Authentication may be configured via the LDAP dialog via the options listed in the dialog and as follows:

 

•When the check box for Enable LDAP Authentication is checked FCS Express will attempt to auto fill the LDAP Default Domain and Distinguished Name Root. If a different LDAP Default Domain and Distinguished Name Root are required you may enter them manually.

 

•The LDAP Hostname must be entered by the end user setting up LDAP.

 

•The Autodetect button (below) will attempt to automatically determine the LDAP Hostname, LDAP Default Domain, and Distinguished Name Root. The Autodetect button will work for most simple LDAP setups but manually entry may still be required for more complex systems.

 

•When the Auto-Detect check boxes to the right of LDAP Hostname, LDAP Default Domain, and Distinguished Name Root options are checked, the fields will become greyed out. FCS Express will attempt to auto-detect the correct settings from your currently connected LDAP environment rather than using values entered in the fields. The use of the Auto-Detect check boxes is particularly useful in environments where settings are complex or variable.

 

Note: The Auto-Detect check boxes make use of the LDAP system and environment variables of the local computer running FCS Express. When using auto-detection, administrators of the system and environment should ensure that the local computer systems and group policies have been appropriately configured to prevent local users from changing system settings associated with LDAP.

 

 

•The Enable Single Sign On check box will control if Single Sign On should be used by FCS Express when opening the software.

 

▪        If Enable Single Sign On is unchecked, then the user will be prompted via a log in dialog to enter their credentials.

 

oThe user name may be entered as the domain user name or with the domain plus user name. For instance, JQFlow or FlowCytometry\JQFlow where JQFlow is the user name and the domain is FlowCytometry.

 

▪        If Enable Single Sign On is checked, and the end user of FCS Express is assigned as a user of FCS Express, the end user will not be prompted to log into FCS Express as long as they are already signed on to the system.

 

oIf a user would like to force a sign in prompt, for instance, to switch to a different domain user to access FCS Express, you may hold down the Control, or Alt, or Shift key immediately after running FCS Express until the log in dialog appears.

 

oUsers may also force a sign in prompt if they switch to another user by logging out of FCS Express. To logout, click on the Logged in as: drop down in the bottom bar of FCS Express (Figure 18.26) or from the File tab→System→Current User→Logout Current User.

 

 

 

See the next chapter for Creating and Administering LDAP Users.