Active Directory-Based Administration
(Requires the Advanced Security Module) In addition to or instead of EFT-managed administrator accounts, if using the Advanced Security Module, administrator users can authenticate via Active Directory (AD). For remote connections, the connecting account must have access to the computer on which EFT is installed. Password complexity, expiration, and so on for AD accounts are managed by the AD server rather than EFT.
You can add Active Directory users and groups as administrator accounts and the user or group appears in the Admin account names list on the Server's Administration tab. If a user account is added to EFT only as a part of a group, the user assumes the permissions of its group. If the user is a member of multiple defined groups, the permission (role) and assignment(s) allocated to the group that provides the most privileges are assigned to that user.
Once you have registered the Advanced Security Module, you are allowed to delete EFT-managed administrator accounts and use AD-provisioned administrator accounts exclusively, if desired.
-
Refer to Local Computer Administrators Group for more information about accessing EFT using the administrator credentials for the local computer.
-
Refer to Adding Server Administrators for details of creating an EFT administrator account that uses AD-based authentication.