Skip to main content
Kofax

MarkView All Components - What are MarkView Systems' best practice recommendations for customers who require user login and user password management?

Summary

3938

Applies To

  • ERP System: All
  • MarkView Version: ALL

Behavior

What are MarkView Systems' best practice recommendations for customers who require user login and user password management?

Known Causes

Due to corporate standards and/or compliance requirements such as Sarbanes-Oxley, customers may be planning to implement certain parameters for user logins and passwords.

These items include (but are not limited to):

  • password to expire in x number of days
  • password to be x characters long
  • require a user to have x number of non-alpha characters
  • prevent a user from using the same password for x number of days when the password is changed
  • lock a user account if an incorrect password is keyed more than x number of times
  • prevent more than x number of duplicate characters in a password (fff)
  • prevent the username from being used in the password.

Resolution

There are two common approaches for managing usernames and passwords with advanced rules that meet most corporate standards or compliance requirements.

  1. The first approach is to configure the MarkView System to integrate with Oracle Applications security framework where MarkView user authentication is deferred to Oracle Applications.
    • In this approach, the MarkView System can leverage usernames and passwords that are managed with Oracle Applications.
    • The MarkView Systems includes user synchronization functionality to synchronize user data from
    • Oracle Applications to the MarkView System - called Automated User Setup and Synchronization(AUSS).
    • For clients who have this, please review the documentation and known issues as outlined in
    • Clients who do not have AUSS installed at their site, should contact their Kofax Practice Manager for information on how to obtain it.
  2. The second approach is to use a third-party Lightweight Directory Access Protocol (LDAP) server for managing usernames and passwords.
    • Many industry-leading LDAP servers provide advanced username and password management functionality that typically meet most corporate standards or compliance requirements.
    • Examples of LDAP servers that have been used by Kofax' customers include Oracle Internet Directory (OID), Microsoft Active Directory Server, and Sun Java System Directory Server (formerly Sun ONE iPlanet).
    • In order to leverage a third-party LDAP server, the MarkView System should be configured to use a Single Sign-On (SSO) server for user authentication, which is then integrated with the LDAP server.
    • Currently, usernames defined in a LDAP server must be synchronized with the MarkView users. This is typically managed using a connector supplied by the SSO or LDAP vendor, or by developing a manual script.
    • Examples of SSO servers that have been used by Kofax' customers include Oracle Single Sign-On Server and CA Netegrity Siteminder.
    • There are various approaches to deploying or enabling a SSO and LDAP environment, depending on the third-party software chosen. Please contact the Kofax Consulting Services group for further details.

Keywords: password, login, user, sox, Sarbanes-Oxley, expire, expiration, length, previous,sso, auss