OneDrive for Business Simple Claims Based Authentication Rights Options

This section provides the following configuration options:

  • Active Directory Hostname - The host name of the LDAP service.
  • Active Directory Port - The port of the LDAP service.
  • Active Directory Distinguished - The distinguished name of the object under which to run the search. For example: DC=emea, DC=pharma, DC=intra
  • Bind Username - The username used to bind to the Active Directory service.
  • Bind Password - The password used to bind to the Active Directory service.
  • Domain - The domain passed to the Active Directory to retrieve the associated permission group.
  • Username - The username passed to the Active Directory to retrieve the associated permission groups.
  • Rights assigned to Everyone - A list of groups to assign to every authenticated user. Each group should be either in SID format or in claims-encoded format. For example:
    • Claims Encoded Format: c:0(.s|true for All Authenticated Users (Windows)
    • SID Format: c:0+.w|S-1-5-32-545
    Note: If you do not want to assign any Everyone rights, select modified and insert a space. By default, Everyone rights are granted to the following groups:
      c:0(.s|true
      c:0!.s|windows
  • Cache LDAP User Request - Number of seconds during which to store a cached version of the LDAP requests resolving the groups to which the user belongs. Set to 0 to disable caching, -1 for infinite caching.
Note: The connector seed option Use Domain Group Name as ACL must be set to True if you are using Simple Claims Based Authentication.
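
The Rights assigned to Everyone value decides which identities every authenticated user inherits, so it is worth reviewing before deployment. The following is an added example, not part of the connector or its documentation: a small audit helper that parses each entry and flags the ones that cover whole populations. The function name, the one-entry-per-line layout and the domain group SID in the sample are assumptions made for illustration.

```python
import re

# Claim-type and issuer characters of the claims encoding; only the ones that
# occur in this page's examples are listed, anything else is reported as-is.
CLAIM_TYPES = {"(": "isauthenticated", "!": "identityprovider", "+": "groupsid"}
ISSUERS = {"s": "local STS", "w": "Windows"}
ENCODED = re.compile(r"^c:0(?P<type>.)\.(?P<issuer>[a-z])\|(?P<value>.+)$")
SID = re.compile(r"^S-1-\d+(-\d+)+$")
# Entries that match whole populations rather than one managed group.
BROAD = {
    "c:0(.s|true": "all authenticated users",
    "c:0!.s|windows": "all Windows users",
    "c:0+.w|S-1-5-32-545": "BUILTIN\\Users",
}

def audit_everyone_rights(setting):
    """Return an (entry, status, detail) tuple per non-empty line of the value."""
    findings = []
    for raw in setting.splitlines():  # assumption: one entry per line
        entry = raw.strip()
        if not entry:
            continue  # a lone space is how the page says to assign nothing
        m = ENCODED.match(entry)
        ctype = CLAIM_TYPES.get(m["type"]) if m else None
        issuer = ISSUERS.get(m["issuer"]) if m else None
        if not m or ctype is None or issuer is None:
            findings.append((entry, "unrecognized", "not a format shown on the page"))
        elif ctype == "groupsid" and not SID.match(m["value"]):
            findings.append((entry, "unrecognized", "groupsid value is not a SID"))
        elif entry in BROAD:
            findings.append((entry, "broad", BROAD[entry]))
        else:
            findings.append((entry, "group", f"{ctype} from {issuer}"))
    return findings

# Constructed sample value: the two defaults, one constructed domain group SID,
# and a bare SID that lacks the c:0+.w| prefix.
SAMPLE = """c:0(.s|true
c:0!.s|windows
c:0+.w|S-1-5-21-1111111111-2222222222-3333333333-1105
S-1-5-32-545"""

if __name__ == "__main__":
    for entry, status, detail in audit_everyone_rights(SAMPLE):
        print(f"{status:12} {entry}  ({detail})")
```

Entries reported as broad grant their rights to every signed-in user, so confirm that this is intended before keeping the defaults.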