Page Comparison

A security realm defines the mechanism for user authentication and authorization. FlexDeploy provides a default internal realm for users, which is based on FlexDeploy database tables for Users and Groups. FlexDeploy also supports Active Directory and other LDAP based realms for authentication and authorization using an external directory server. You can define multiple security realms. To configure/view the realms, select Administration -> Security -> Realms from the menu. FlexDeploy has out of box realm which can be utilized as well along with external directory servers.

Realms can be ordered to ensure that authentication checks are done in particular order. If you define multiple realms, users are authenticated against each realm in the specified order until the first successful authentication occurs. Authentication will stop when first successful authentication against any realm in list (bug was identified here where authentication continued through all realms, bug fixed with 5.2.0.1).

If Group Mapping is enabled for that realm where authentication is successful, Groups are derived from mapping configured for that Realmrealm. Groups assigned in the FlexDeploy internal realm are always used as well, so if you wanted to provide additional groups to users defined in external realm, you can do that in FlexDeploy - Users screen. Group mapping in the Realm is optional, in which case you must assign Groups to Users using FlexDeploy – Users screen.

...

External realm users will have their passwords managed in the external realm, not in FlexDeploy.

...