Applies to versions: 1.10, 1.11

LDAP: Active Directory Sign On Through IPSLOGIN

The IPSLOGIN login integration module provides an option for employees to log in to TimeIPS using their passwords from a remote LDAP server. Configuration of the module is done by going to System >> Company/Divisions and defining the configuration once per division.

• Enable Alternate Login
  • Choose Active Directory (LDAP) to enable the alternate login feature
• LDAP Server
  • Provide the domain name or IP address of the LDAP server
• LDAP Host
  • Provide the domain name associated with user accouns on the server. For example if you connected to LDAP using "bobsmith@acme-inc.com" then the host value would be "acme-inc.com

Employee Configuration

In order for an employee to successfully use LDAP to log on to TimeIPS two things must be configured correctly. 

1. The employee's record in the LDAP server must identify the employee as [username]@[LDAP Host] such as "bobsmith@acme-inc.com" in the previous example.
2. The employee's username in TimeIPS must match the username portion of the identifer in LDAP. In our example the username in TimeIPS must be "bobsmith"

When employees attempt to log in to TimeIPS using their username and LDAP password TimeIPS will attempt to authenticate their username/LDAP Host combination against the server using the provided password. If this authentication fails for any reason then TimeIPS will fallback to its normal login procedure to attempt to authenticate with any password that might be stored in TimeIPS.