UC_USER_LOGON - Single Logon
This variable can be used to define whether automatic logon (Single Logon) is allowed.
Key |
Value |
New start required |
---|---|---|
WinNT |
AUTO |
No |
UNIX |
AUTO |
No |
LINUX |
AUTO |
No |
Call |
AUTO |
No |
Description
This variable is supplied in client 0000. Its settings are valid for the whole AE system and can only be changed in client 0000.
Access to the operating system is granted via the specification a valid user ID and password. Logging on to the AE system is not required if the variable UC_USER_LOGON is used. In this case, the system checks if a User object exists in the client and if so, logon is automatic. Otherwise the UserInterface's login window opens.
When Single Logon is enabled, access control is shifted to the UserInterface's OS. Unattended screens can become a security risk and must therefore be avoided using the means of the relevant operating system.
Single Logon can be used for CallAPIs. The benefit is that the password does not have to be stored in programs or procedures. Therefore, it is not required to change every time the password is changed.
The following steps are required to activate Single Logon:
- Log on to system client 0000.
- Specify the keys for your operating systems in the variable UC_USER_LOGON. A list of keys is provided above. The value to be specified is always AUTO written in upper-case letters.
- For all persons allowed
to log on via Single Logon, there must be a client with a User object.
User object names must be the same as used for logging on to the operating
system. Example for Windows:
User name: Smith
Domain: UC4
In this case, the name of the User object must be "SMITH/DEV". - Parameters are required to start the UserInterface. These can be stored in various places (e.g. as a link) and include the client and the AE system.
Description |
|
---|---|
-Cclient |
For Windows and UNIX or Linux: The user name is taken from the operating system. The system then searches an AE user with that name. The department is not taken into consideration. There can only be one user with this name, regardless of the department. If the user is found, logon is accepted without password verification. |
-Dclient |
Alternative parameter for -C under Windows: The user name is taken from the operating system. The particular Windows domain is used as the department. If the user is found, logon is accepted without password verification. |
-SAE system or connection name |
It is crucial to indicate the name in order to enable automatic logon because there can be more than one AE system. The login window is displayed if this parameter is missing. You can also enter the connection name which is specified in the configuration fileuc4config.xml, XML element <connection name="Name" system="System"> instead of the AE system name. |
See also: