Using LDAP Authentication in enVigil FMS 5.1

With the release of enVigil FMS 5.1, a new authentication method has been introduced. LDAP (Lightweight Directory Access Protocol) is an open, cross-platform protocol used for directory services authentication. LDAP provides the communication language that applications use to communicate with directory services servers.

  • LDAP is a way of speaking to Active Directory.
  • LDAP is a protocol that many different directory services and access management solutions can understand.

We have had many requests from customers about the possibility of adding LDAP authentication support to enVigil. This update allows non-domain-joined computers to authenticate Active Directory users and groups through an external domain, and provides greater security against cyber-attacks. If a domain-joined computer suffers a cyber-attack, the attack can spread across the network to other devices; a non-domain-joined computer naturally restricts this by not having access to areas on the network.

To accommodate this change, ConfUserAccess.exe has been updated to enable LDAP users to be configured. Select the LDAP Users radio button to begin the setup.

Once selected, ConfUserAccess.exe will reveal new input fields for the connection to the LDAP server. Fill these in, then use the “Test Connection” button to ensure the details are correct.

When the connection details have been entered and verified, you can add domain users to enVigil the same way as you previously would. You do not need to add the domain prefix to the username when entering them. Note: When using LDAP to authenticate through enVigil, only users authenticating over LDAP are available; local users cannot be used while LDAP is activated.

Logging into enVigil is the same whether you are using local/domain users or authenticating through LDAP. The only difference you may see is if you have entered the wrong username and password combination, you will see an LDAP-specific message as below.