OneDrive for Business Simple Claims Based Authentication Rights Options
This section provides the following configuration options:
- Active Directory Hostname - The host name of the LDAP service.
- Active Directory Port - The port of the LDAP service.
- Active Directory Distinguished - Distinguished name of the object in which to do the search. For example: DC=emea, DC=pharma, DC=intra
- Bind Username - the username used to bind to the Active Directory service.
- Bind Password - The password used to bind to the Active Directory service.
- Domain - The domain passed to the Active Directory to retrieve the associated permission group.
- Username - The username passed to the Active Directory to retrieve the associated permission groups.
- Rights assigned to Everyone - A list of groups which should be assigned to every
authenticated user. The group should either be in the SID format or in a claims encoded
format. For example:
- Claims Encoded Format: c:0(.s|true for All Authenticated Users (Windows)
- SID Format: c:0+.w|S-1-5-32-545
Note: If you don't want to assign any everyone rights, select modified and insert a space. By default, everyone rights are granted to the following groups:c:0(.s|true c:0!.s|windows
- Cache LDAP User Request - Number of seconds during which to store a cached version of the LDAP requests resolving the groups to which the user belongs. Set to 0 to disable caching, -1 for infinite caching.
Note: The connector seed option Use Domain Group Name as ACL must be set to
True if you are using Simple Claims Based Authentication.