What does this section cover?

What is User Authentication?

User authentication settings are used to define the password policy for accessing CRM.COM Software, i.e. the criteria that passwords must conform with. The password policy is taken into consideration whenever a new password for an existing or new user is set. If user authentication settings are not configured in the system, then only super users can access the system.

In addition use the settings to define how many failed login attempts a user can perform within a period of time before they result to a specific lockout time. During this lockout time, the user will not be able to login, even if the correct credentials are provided.

Additionally using User Authentication you have the option to define whether authentication of users at login will be done using CRM.COM authentication or LDAP/Active Directory authentication. 

Authentication settings are also used to define IP addresses from which users can access CRM.COM or IP addresses from which users can never access CRM.COM. Each IP Authorization Rule has a set of restrictions which represents the Allowed and Denied IP Addresses. An IP Address restriction can either be a specific IP address, a range of IP Addresses or an IP Address Pattern. Each IP Authorization Rule also has a set of Conditions which defines the set of users for which the rule is applied. This set of conditions includes Users, Units, Groups or Communities in any required combination. Multiple IP Authorization Rules can be configured and used but only as long as they are in Active state.

Creating, Editing & Deleting Validations & Restrictions

User Authentications  attributes 

Defining your own User Authentications  tailored to your company's needs

1. Navigate to FOUNDATION > USER MANAGEMENT > SET UP USER AUTHENTICATION SETTINGS 
   
   
2. Click on EDIT

3. PASSWORD POLICY

   1. Update the information as required to set up password formatting restrictions

4. AUTHENTICATION POLICY - 

   Status
   colour Red title Available from CRM.COM R9

   1. Use CRM.COM Authentication: Check the box to enable the rest of the settings

   2. Server Type: Select from the drop down list Active Directory/LDAP

   3. Provide the rest of the information according to the Active Directory you would like to import users from
      When setting up Authentication Policy you will need to logout and login again before the changes take effect. 
      Check out Testing Active Directory/LDAP connection 

5. INVALID AUTHENTICATION POLICY - 

   Status
   colour Red title Available from CRM.COM R9

   1. Provide the information required with regards to handling invalid login attempts

6. IP AUTHORIZATION RULES - 

   Status
   colour Red title Available from CRM.COM R9

   1. Click on ADD to add a new rule
      You can add multiple rules
   2. Click on the rule you added, from the panel list to select and define the rules and condition:
      1. State: Select if the rule will be Active or Inactive
      2. IP Addresses Restrictions: Add the IP Addresses
      3. Applied to Organisational Units:  
         1. Click on "ADD" and select between
            1. UNIT
            2. USERS
         2. Use the Search modal to select the Organisational unit you would like to add.
         3. You can select any type of Organisational unit according to the restrictions that you would like to set or none at all.
7. From the Actions Menu click on SAVE

8. You will be required to logout and login again, for the settings to be applied

Anchor
TEST TEST

Testing Active Directory / LDAP Connection

Once you configure Authentication Policy and you save the Settings you should check Active Directory/LDAP connection. To do so follow the steps below

1. From the Action Menu click on ACTIONS > TEST CONNECTION
    
2. The system will show a message whether the connection test is successful or failed

Deleting User Authentications

You cannot delete a user authentication record