Authentication Settings

This section of the Enterprise settings page allows the site administrator to choose a method for managing user login credentials (usernames and passwords). The options available to you will vary, according to which authentication type is selected.  For guidance when configuring non-internal authentication methods, contact your QSM account representative for assistance.

 

 

 

      Internal. This is the default user authentication method in SLIM-Collaborate.  With this option, login credentials (usernames and passwords) are stored and managed “internally” via each user’s unique SLIM-Collaborate user profile.  When the site admin creates a new user profile, SLIM-Collaborate will generate a temporary login password and email it to the address specified in the user’s profile. Note that new user profiles cannot be created until the SMTP Server Settings have been configured to send system emails. For more information on creating user profiles, see Adding or Editing Users.

      LDAP (Lightweight Directory Access Protocol). With this option, an external corporate directory server manages login credentials.  This allows large enterprise clients to manage user-related information like usernames, passwords, organizational structure, and permissions from a single, central directory server such as IBM Tivoli Directory Server or OpenLDAP. Since LDAP schemas tend to be highly customized, please contact your QSM account representative for documentation and assistance in configuring LDAP authentication.

      Microsoft Active Directory is an LDAP variant designed for use with Microsoft Windows. Please contact your QSM account representative for documentation and assistance in configuring Active Directory authentication in SLIM-Collaborate.

      SAML This option allows clients to configure user authentication using Single Sign On (SSO) though a SAML based Identity Provider (IdP) server.  Please contact your QSM account representative for documentation and assistance in configuring SAML authentication in SLIM-Collaborate.

      Custom. Starting with SLIM-Collaborate 5.0, two built-in custom authentication utilities are provided for organizations that wish to add an additional layer of security to the default username and password-based login process.  To enable two-factor authentication, select Custom from the authentication settings drop-down, then select MultiFactor Authentication from the drop-down Plugin list control. This option requires users to enter an additional one-time, time-based code (supplied by an authenticator app) after their username and password. For more information on this option, see Two-Factor Authentication


Description: A screenshot of a computer

Description automatically generated

The other security plugin is Login Monitor. It allows the site admin to specify the number of times a user can enter incorrect login passwords, and the length of time that user will be locked out of SLIM-Collaborate if the number of tries is exceeded. For more information on configuring this security option, see Configurating Login Monitoring.

Other custom authentication options are available that require custom coding. One example of a custom authentication strategy might involve implementing multiple strategies in a single schema. Please contact your QSM account representative for information regarding programming custom authentication strategies. Custom authentication is most appropriate for:

      Corporate directories that don’t use standard LDAP.

      Clients with special LDAP security needs.

      Clients who wish to augment SLIM-Collaborate’s default Internal authentication with custom password logic. Examples include minimum character rules for passwords (at least 10 characters) or requiring that passwords be unique.

      Clients who want to use other LDAP attributes (i.e., not email addresses) for authentication.