External Authentication Fields

This feature requires additional licensing. When the Log in using Active Directory Authentication and Log in using LDAPLightweight Directory Access Protocol is an application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. LDAP is a type of external authentication that can be used by your organization to maintain your login and password. Authentication functions are enabled in the Common module license, your organization has purchased this feature.

Several fields on the Settings tab of the Edit User page are needed for external authentication. These fields mostly relate to locations, which are often used to categorize employees in the Active Directory. When external authentication is enabled and a user logs into RL6, your organization’s LDAP or Active Directory database is used to determine if the user should have access to RL6. If the user’s login credentials match, the RL6 database is scanned to determine if the user exists. If the user does not exist, a new record is created. If the user exists but some attributes have changed, the record is updated.

During implementation, the RLDatix implementation team will help you map the fields stored in your organization’s Active Directory to the fields listed below:

Table 5-57: Understanding External Authentication Fields
Field	Description
User Profile Update Method	When this field is set to `External-LDAP/AD`, the user’s RL6 profile will be automatically updated when changes are detected. If you have manually made changes to the user record in RL6 and do not want them to be overridden the next time the user logs in, change this field to `Internal-Application`. In other words, when `Internal-Application` is selected, the profile will not be updated based on the user’s network attributes and only the internal user settings will be used.
DepartmentThe department or section within the laboratory that performs the tests.	This field is located on the User Profile dialog, which is access by clicking the Preferences link (located at the bottom-right of the page).
Site, Location3, Location4, Location5, Location6, Location7, Location8, Location9, Location10	These fields are located on the Settings tab of the Edit User dialog. Multiple location attributes may be used to define an employee’s position and rank within the organization’s hierarchy. During implementation, these attributes will be identified and mapped to the corresponding RL6 fields. Your organization may not use any of these fields – or may use them all. If these fields are used with attributes from your organization’s Active Directory, the associated pick lists must contain those exact values. Alternatively, you may wish to associate existing pick lists (Site, Program, Department, General EventA patient or employee related occurrence which is recorded in paper or electronic format. Once recorded, an event file is reviewed by a file manager who may involve other individuals (e.g. using tasks and follow-ups features) to help investigate and resolve the event. Type, Severity, etc.) with the Location3 through Location10 fields to help build generic scopes. Generic scopes mean that file access can be controlled in the user profile rather than by the scope. This concept is easier to understand: to modify the files a user has access to, update the user’s Site, Location3 or Location4 fields rather than the scope associate with the user profile. Note: The pick lists associated with the “Location” fields can be changed (see General System Parameters List for details).