8e6 Technologies R3000 manual Work flow in a Windows environment

CHAPTER 1: INTRODUCTION AUTHENTICATION OPERATIONS

Work flow in a Windows environment

1.The administrator stores the 8e6 Authenticator client (authenticat.exe) in a network-shared location that a login script can access.

2.Using a Windows machine, an end user logs on the domain, or logs on the eDirectory tree via a Novell client.

3.The end user’s login script evokes authenticat.exe.

4.The 8e6 Authenticator client determines the authentica- tion environment by examining the Windows registry, then retrieves the username and domain name using either Windows or Novell APIs, and sends this informa- tion (LOGON event) to the R3000.

5.The R3000 looks up the groups to which the end user belongs (Windows AD, PDC, or eDirectory through LDAP or NTLM/Samba), and determines the profile assignment.

6.The R3000 sets the profile for the end user with user- name (including the group name, if it is available) and IP.

7.The 8e6 Authenticator client continually sends a “heart- beat” to the R3000—with a specified interval of seconds between each “heartbeat”—until the end user logs off.

8.The end user logs off, and the 8e6 Authenticator client sends a LOGOFF event to the R3000. The R3000 removes the user's profile.