FREQUENTLY ASK QUESTIONS
YOU CAN SEARCH PART OF THE TEXT OR NUMBER.
Connection via ActiveDirectory - SSO
This feature is not active by default and is intended for IT infrastructure administrators to implement. The first step we recommend is to create your own group in ActiveDirectory, eg "Palstat" and fill it with users who are to connect to the PALSTAT system. This is especially suitable in companies with multiple users in ActiveDirectory, hereinafter referred to as AD, when this setting will be adventageous during the process of connecting to Palstat.
Technical features/limitations:
- It is possible to actively work with only one domain (ie it is not possible to have "mixed" users from several domains), the domain must be in the form of FQND, otherwise with Win7 users authentification can be very slow (minutes)
- The list of users is loaded using LDAP, all objects are loaded with objectClass=user
- The maximum number of loaded objects is limited by the AD server settings (1000 by default)
- Only objects with names not ending with the $character are offered for import (however, thay are counted in the limit regarding the number of objects loaded from AD)
- Authentification takes place via standard AD functions. Again, all users must be from the same domain and it must be set in the User Database module. If you fail to set up, we can assist with remote access via TeamViewer
The exact procedure is described in the manual DOC/Users.pdf chapter "Importing users from Active directory"
Basic principle:
- PALSTAT CAQ users must connect to AD users.
- Set the default domain name.
- Import from AD, load users, and bind or create in Palstat CAQ.
- In settings, switch user authentification to "Active Directory SSO" from "Palstat"
If working in SSO mode, in some cases it is necessary to force manual authentication against the Palstat CAQ user database and passwords. This option is required if you use some non-domain sites in your network. It is then necessary to create a shortcut of the required application on the desktop, ofter .APLLauncher.exe and run it with the auth/parameter.
Example:
- Launcher.exe /auth 0 - authentification against PALSTAT CAQ
- Launcher.exe /auth 1 - authentification against Active Directory
- Launcher.exe /auth 2 - authentification against Active Directory SSO
 |
© Copyright 1992 - 2025 PALSTAT s.r.o. |
PALSTAT s.r.o. Bucharova 230 543 02 Vrchlabí CZECH REPUBLIC |
tel.: +420 499 422 044 tel.: +420 499 692 016 www.palstat.cz |
» Home Page » Training » References » News |
» Events » Partners » Support » Contact |
» Products » Customer portal » Remote support » Update |
» Terms and Conditions » Gallery » Map » Portal 3 |