Enabling Active Directory Security Mode

GENESIS Security can synchronize its user accounts with Active Directory, so users can log into GENESIS with their Active Directory username and password. Permissions for users and groups are defined in the GENESIS Security database.

Active Directory passwords are not stored in the GENESIS configuration database.
For synchronizing with Entra ID, see Enabling Entra ID Security Mode.

To synchronize security with Active Directory:

(Optional) Set the security to testing mode to help keep you from getting locked out if something is configured incorrectly later. Learn how

Do not make this change on a production system.
1. Open Workbench and in Project Explorer, expand your project > Security and double-click Global Settings to open the configuration dialog.
2. On the General tab, set Security active to Testing.
3. Apply the changes.
In Workbench, go to Security and edit Global Settings.
1. Set Security Mode to Active Directory, then complete the Active Directory Settings section according to your domain settings.
2. To restrict login access to users in a specific group, go to the Only Users from a Specific Group section, select Enabled, and enter a Group Name.
In the Domain Connection Authentication section, enter the User Name and Password for the account used to authenticate access to the Active Directory.
(Optional) Enable automatic login and Windows integrated authentication. Learn how
1. In Automatic Login, select Enabled.
2. On the Tools ribbon, select FrameWorX Server Location, and in the dialog that opens, set Client Authentication to Integrated Windows Authentication.
  
  Alternatively, check that you have configured client certificates for authentication that map to the Active Directory.
Click Apply, and then try to log in as an Active Directory user.
If all tests succeeded, set the security back to active mode. Learn how
1. In Workbench, go to Security > Global Settings > General tab.
2. Set Security active to Active.
3. Apply the changes.