Question / Problem:
Customer is asking if eFlow can work without a domain controller, AD and a DNS server? if they use only non-AD users and IP addresses instead of server names.
Answer / Solution:
This has been done without MS AD…… See below and hope that it helps.
- It is possible that the server/machines may not have join domain and could also be just in Workgroup as default so MS AD Groups are not usable.
- In this case, the client machines were supposed to be defined under the same Workgroup.
- Without MS AD, Groups are not usable.
- If it is not standalone but with LAN server and clients then the local user IDs defined must be the same at all the machines where each user ID password must be set the same at each machine.
- At domain security.xml, you can just define the machine name as the LAN server name or the client machine name.
- The prefix needs to be input with the local machine name in the format of <Machine Host Name>\<User ID>
- I have defined based on the intention where the user ID was used then I just input that machine host name.
- With APN approach, I think it does not matter. My understanding is that at the Server, it will become <Server Name>\<User ID>.
- Most important is the local same ID and password to get defined at all machines (server must have, client if you does not define then cannot use that User ID local login).
- Having same ID and password for target client machines and LAN server machine, this will then enable APN (alternate principal name) approach to impersonate and get the user ID authenticated.
- If this is the LAN server machine then admin user must do the same user ID creation at each client machine after creating at the LAN server.
i. Admin user needs to consolidate the user accounts to create.
- At STS Management, if “<MachineA>\UserA1” was setup then the same user “UserA1” must be created with same password at both LAN server (i.e. <LAN Server>\UserA1) and <MachineA>.
- Meant to allow APN and authentication approach to work with LAN server when local user login at Client Machine.
ii. Use admin account to login to each client machine and use the Computer Management to add the same user ID name.
- If this is the Client machine then admin user is to create the same user ID and password which was done at the LAN server machine (similar approach as explained above).
Thanks to Amos for detailed information
Enter How to here:
- How to Step 1
- How to Step 2
- How to Step 3