Determine the Authentication Modes
Anthology Student provides the following authentication modes:
- Use Anthology Student Database
- Use Active Directory (Sign In)
- Use Active Directory (Single sign-on)
If you want to use one of the Active Directory modes, contact your Customer Engagement Manager or Client Services for additional information on requirements and configuration
Warning: Once you switch from the Use Anthology Student Database option to either of the Active Directory options (sign in or single sign-on), you cannot revert the configuration, since all the staff member accounts are encrypted one way in the Active Directory storage.
Anthology Student is installed with a user ID and password for your System Administrator so that they can verify the installation and begin configuration. For information about the user ID and password, contact your Customer Engagement Manager or Client Services.
Use Anthology Student Database
When you configure to Use Anthology Student Database authentication mode, you must configure a username and password for all the staff members using Anthology Student.
Anthology Student saves the staff members' credentials to the Anthology Student database and uses the database to authenticate the staff members before granting them access. All staff passwords are changed to use hashing in the Anthology Student database.
Requirements for Using Anthology Student Database
To Use Anthology Student Database, your institution must:
-
Configure password profiles (Select the Settings tile > locate System > select Staff > Password Profiles tab.)
-
Assign password profiles (Select the Settings tile > locate System > select Staff > Assign Password Profiles tab.)
-
Add accounts for staff members and specify their user IDs and initial passwords (Select the Settings tile > locate System > select Staff > Staff Members tab.)
Use Active Directory (Sign in or Single sign-on)
When you configure to use the Windows Directory Services, Anthology Student provides direct authentication against Active Directory. The goal is to create a seamless integration between Anthology Student and Windows authentication services already in place for each institution, and not to manage them. The Anthology Student role will be solely to integrate with the directory services for authentication processing.
There are 2 Active Directory modes.
| Active Directory Mode | Description |
|---|---|
| Use Active Directory (Sign In) | Anthology Student displays the user name for the staff member in the format userid@domain for the current Windows session by default on the log in screen. The staff member is not allowed to modify the user name. Staff members must specify their Windows domain password to access Anthology Student. |
| Use Active Directory (Single sign-on) | The staff member is not prompted for credentials. Anthology Student use their current Windows session information to authenticate the staff member and to sign them into Anthology Student. |
When Active Directory is enabled in Anthology Student, the Password Profiles functionality in Anthology Student is replaced by the Windows domain policies. After you have added the staff members in Anthology Student, password management and other tasks related to their Windows accounts are done outside Anthology Student by your System Administrators or by using third-party software (such as account status, expiration, lock-outs, and organizational units related to staff member accounts).
Requirements for Use Active Directory
To use Active Directory, your institution must use the same process of authentication of and authorization for faculty staff users for all institutions and campuses under the current implementation.
Your institution must also add accounts for staff members to use Active Directory and if you:
-
Have configured a default domain in the web.config file, specify their user IDs
-
Have not configured a default domain in the web.config file, specify in the format userid@domain.com
Your institution should also install and configure secure sockets for all instances of the Authentication Web Service providing authentication to Anthology Student.
If You Are Also Using Portal
If you are using Portal, the Portal authentications for Faculty accounts are validated against the Anthology Student database, while the Student, Applicant, and Employer accounts are validated against the Portal database. Portal users can only change passwords through the Faculty Portal when Active Directory is enabled.
When you configure to Use Active Directory authentication mode, you have to enter the Windows domain password.
