Authentication Settings

The Authentication Settings page enables you to configure how Secure Email Gateway authenticates PMM users who access the Portal. This ensures that only authorized users can access their personal data, such as held messages.

When a user accesses the Portal, the Gateway authenticates each request by making a connection with the user's domain and retrieving the necessary information from the domain controller. The domain controller manages the organizational information and email addresses of users associated with the domain.

Often, a network may consist of a number of sub-domains, organized within a domain forest. In this scenario, users are authenticated in the same way, as each sub-domain has a trust relationship with the domain controller.

Using the Authentication Settings page, you can add and modify domain controllers to support any number of domains, enabling users to access the Portal from any domain or domain forest.

  To configure authentication across the domain, the Gateway must be connected to the domain controller.

Specify the User Authentication method

  1. Navigate to System > PMM Settings > Authentication Settings. The Authentication Settings page is displayed.

  2. In the User Authentication panel, click Click here to change these settings.

  3. Select the authentication method:

    • Client Integrated Authentication (with domain controller): This is the default NTLM authentication method.
    • Forms-based Authentication: This will allow the user to manually enter their windows logon or email address along with their windows password. Forms-based authentication is performed by the Gateway if NTLM is disabled and connects the Gateway to a domain controller using an LDAP connection.
     

    Client Integrated Authentication is performed by the Gateway connecting to a domain controller. If users are members of multiple domains, each of these domains must have a trust relationship with the selected domain controller. Otherwise, authentication will not be successful for users within the untrusted domain.

    Users in untrusted domain forests must use Forms-based authentication to access the PMM Portal.

  4. Click Save.

    If you have selected Client Integrated Authentication, your current domain configuration is displayed in the User Authentication panel. This information includes the name of the domain that the Gateway has joined and will use for authentication. If the Gateway is not currently a member of a domain, or you wish to join a new domain, you can configure the connection using the Domain Controllers panel.

  5. Apply the configuration.
 

If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > ConfigurationApply Configuration. See Apply new configuration for more information.

If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Peer Gateways for more information.

See also...