- ERP System: All
- MarkView Version: ALL
What are MarkView Systems' best practice recommendations for customers who require user login and user password management?
Due to corporate standards and/or compliance requirements such as Sarbanes-Oxley, customers may be planning to implement certain parameters for user logins and passwords.
These items include (but are not limited to):
- password to expire in x number of days
- password to be x characters long
- require a user to have x number of non-alpha characters
- prevent a user from using the same password for x number of days when the password is changed
- lock a user account if an incorrect password is keyed more than x number of times
- prevent more than x number of duplicate characters in a password (fff)
- prevent the username from being used in the password.
There are two common approaches for managing usernames and passwords with advanced rules that meet most corporate standards or compliance requirements.
- The first approach is to configure the MarkView System to integrate with Oracle Applications security framework where MarkView user authentication is deferred to Oracle Applications.
- In this approach, the MarkView System can leverage usernames and passwords that are managed with Oracle Applications.
- The MarkView Systems includes user synchronization functionality to synchronize user data from
- Oracle Applications to the MarkView System - called Automated User Setup and Synchronization(AUSS).
- For clients who have this, please review the documentation and known issues as outlined in
- Clients who do not have AUSS installed at their site, should contact their Kofax Practice Manager for information on how to obtain it.
- The second approach is to use a third-party Lightweight Directory Access Protocol (LDAP) server for managing usernames and passwords.
- Many industry-leading LDAP servers provide advanced username and password management functionality that typically meet most corporate standards or compliance requirements.
- Examples of LDAP servers that have been used by Kofax' customers include Oracle Internet Directory (OID), Microsoft Active Directory Server, and Sun Java System Directory Server (formerly Sun ONE iPlanet).
- In order to leverage a third-party LDAP server, the MarkView System should be configured to use a Single Sign-On (SSO) server for user authentication, which is then integrated with the LDAP server.
- Currently, usernames defined in a LDAP server must be synchronized with the MarkView users. This is typically managed using a connector supplied by the SSO or LDAP vendor, or by developing a manual script.
- Examples of SSO servers that have been used by Kofax' customers include Oracle Single Sign-On Server and CA Netegrity Siteminder.
- There are various approaches to deploying or enabling a SSO and LDAP environment, depending on the third-party software chosen. Please contact the Kofax Consulting Services group for further details.
Keywords: password, login, user, sox, Sarbanes-Oxley, expire, expiration, length, previous,sso, auss