ADLDS and LLLDAP authentication systems

When the ADLDS or LLLDAP authentication system is used, the user names and passwords that are entered on Datacap login windows or passed to Datacap by background services and processes are used for authentication.

ADLDS or LLLDAP authentication in Datacap

You must create accounts in ADLDS or LLLDAP for Datacap users, background services, and background processes. Users must enter the user names and passwords of these accounts on the Datacap login windows. The background services and processes supply the account user names and passwords automatically.

You must also set up the same user names in your Datacap application. The user name and password is authenticated against your directory server. When the directory server authenticates successfully, the user name must match the user name in Datacap Administration Database.

ADLDS or LLLDAP Datacap Server Service

In Datacap Server Manager, set the Authentication system to ADLDS or LLLDAP as appropriate.

ADLDS or LLLDAP Datacap users, groups, stations

Add Datacap users to your application with the same names and passwords that were set up in the ADLDS or LLLDAP authentication system. The user or background service or process uses these credentials to log int to Datacap.

Datacap groups are optional. Add Datacap groups to your application when you want to manage permissions at the group level in addition to or instead of managing individual permissions. You can add groups to Datacap for users, automatic users, and background services and processes. The Datacap group name can be any name that you want. There is no need to create Datacap groups for the Datacap Server Service, Datacap Web Services, or application pools.

When appropriate, add Datacap users to one or more Datacap group or groups.

Add Datacap stations to your application with the appropriate permissions. Station names can be any name that you want.

ADLDS or LLLDAP Maintenance Manager

The Windows Scheduler runs the Maintenance Manager application automatically and the Maintenance Manager application supplies its credentials automatically. When a Maintenance Manager rule set is added to a Datacap application, the rules supply credentials automatically.
  • Add a Datacap user and password to your application for Maintenance Manager, or use an existing Datacap user with appropriate permissions. The user name and password must match a user name and password that is set up in the ADLDS or LLLDAP authentication system.
  • Add a Datacap station to your application for Maintenance Manager and assign appropriate permissions, or use an existing Datacap station with appropriate permissions.
  • Set up Maintenance Manager credentials when you are using ADLDS or LLLDAP. In Datacap Application Manager, select the application.
    • Add a General string name-value pair on the Custom values tab to hold the user name of the Maintenance Manager user as found in Datacap.
    • Add an Advanced values name-value pair on the Custom values tab to hold the password for the Maintenance Manager Datacap user.
    • Add one General string name-value pair on the Custom values tab to hold the Maintenance Manager station name as found in Datacap.
  • In the Maintenance Manager application, set the SetUser action to use the APPVAR smart parameter to retrieve the value of the Maintenance Manager user name from Datacap application service.
  • In the Maintenance Manager application, set the SetPassword action to use the APPVAR smart parameter to retrieve the value of the Maintenance Manager password from Datacap application service.
  • In the Maintenance Manager application, set the SetStation action to use the APPVAR smart parameter to retrieve the value of the Maintenance Manager station name from Datacap application service.
  • In Windows Scheduler, set the account in Security Options to the Windows account used by Maintenance Manager to run with highest privileges.

ADLDS or LLLDAP Rulerunner Service

The Rulerunner Service is a background service that supplies its credentials automatically
  • Add at least one Datacap user for Rulerunner to the Datacap application, or use an existing Datacap user with appropriate permissions. The user name and password must match a user name and password that is set up in the ADLDS or LLLDAP authentication system. If one instance of Rulerunner is set up to process tasks from multiple applications, the same Datacap user name and password must be added to all of the applications. If multiple instances of Rulerunner are set up, they can all use the same Datacap user.
  • Add one Datacap station for each Rulerunner, or create one Datacap station for the Rulerunners to share, or use an existing Datacap station with appropriate permissions.
  • Set up the credentials that are used by Rulerunner when you are using ADLDS or LLLDAP. In each Rulerunner Manager, select the Datacap Authentication option on the Rulerunner Login tab. Enter the Datacap user name, password, and station to be used for the instance of Rulerunner.

ADLDS or LLLDAP Datacap Web Client Upload Service

The Datacap Client Upload Service is a Windows service that supplies its credentials automatically.
  • Add at least one Datacap user for the Upload Service to the Datacap application, or use an existing Datacap user with appropriate permissions. The user name and password must match a user name and password that is set up in the ADLDS or LLLDAP authentication system.
  • Add at least one Datacap station for the Upload Service to the Datacap application, or use an existing Datacap station with appropriate permissions.
  • Set up the credentials that are used by the Upload Service when you are using ADLDS or LLLDAP. In Datacap Application Manager, select the application and add an Advanced values name and value pair on the Custom values tab to hold the password for the Upload Service Datacap user.
    • Value name – Must be dc2run.User
    • Value – Enter the password of the Datacap Upload Service user.
  • In the Datacap Web Client Upload configuration file, set the value of the <setting name="User" node to the Datacap Upload Service user.
  • In the Web Client Upload configuration file, set the value of the <setting name="Station" node to the Datacap Upload Service station.

ADLDS or LLLDAP Application Pools

Datacap uses application pools for Datacap Web Client, Report Viewer, and the Fingerprint Service. When Datacap Web Client and Report Viewer are installed on the same web server, they must use the same Windows account. When the Fingerprint Service is also installed on the same web server, it can use the same Windows account or a different one. The Windows account that is assigned to the application pool allows the application pool to function. When you assign the Windows account to the application pool, you provide the Windows credentials that the application pool uses.

There is no need to set up Datacap users, stations, or groups for application pools.

ADLDS or LLLDAP Datacap Web Services

Datacap Web Services supplies its credentials automatically.
  • Add a Datacap user for Datacap Web Services to the Datacap application, or use an existing Datacap user with appropriate permissions. The user name and password must match a user name and password that is set up in the ADLDS or LLLDAP authentication system.
  • Add a Datacap station for Datacap Web Services to the Datacap application, or use an existing Datacap station with appropriate permissions.
  • Set up the credentials that are used by Datacap Web Services when you are using ADLDS or LLLDAP. In Datacap Application Manager, select the application.
    • Add a General string value name-value pair on the Custom values tab to hold the user name.
      • Value name – wTMUser
      • Value – Enter the user name
    • Add a General string value name-value pair on the Custom values tab to hold the station name.
      • Value name – wTMStation
      • Value – Enter the station name
    • Enter an Advanced values name-value pair on the Custom values tab to hold the user password.
      • Value name – wTMPassword
      • Value – Enter the password