18.104.22.168.External AD login provider
This provider is used for logging in with remote Active Directory credentials into the contentACCESS. It communicates with a WCF service, which is part of the contentACCESS proxy (Web/contentACCESSWS/ADService.svc). The proxy searches the Active directory for the user’s name and allows him to log in to the contentACCESS it is connected with.
This provider can be assigned to the user by two ways: 1) Running the provisioning in Remote File archive agent or 2) manually adding it in Central Administration:
- click on Edit in the user’s context menu
- click on +new, choose External AD from the Login provider dropdown list and enter your credentials
- click OK
How does the external AD login work?
- User provides his credentials on the login page.
- We find the user in our database by his login name.
- We find all Remote agents on the users default tenant.
- If the Remote agent has enabled Remote Active Directory (File archive -> Archive -> Remote agents, Active directory in the agent’s context menu), we call the ADService and try to login with the user’s credentials to the remote Active Directory.
- If the login to the Remote Active Directory was successful, we allow the user to log in to the contentACCESS. The content shown for him is evaluated based on SDDL permissions.