AD (pronounced “ay, dee”) is an abbreviation for Microsoft Active Directory, a very common external authentication system used in the file transfer industry to centralise authentication, user account information and access control. See “Active Directory” for more information.
“Community Management” is a marketing term used to describe technology and services that use external authentication technology to provision (or “onboard“) users or partners using rich profile definitions and which allows users and partners to maintain elements of their own profiles (e.g., contacts, email addresses, member users with limited rights, etc.). File transfer and/or EDI[..]
Deprovisioning is the act of removing access from and freeing up resources reserved by end users and their file transfer workflows. Rapid removal of access upon termination or end of contract is key to any organisation. Freeing up of related resources (such as disk space, certificates, ports, etc.) is also important, but often follows removal[..]
External authentication is the use of third-party authentication sources to decide whether a user should be allowed access to a system, and often what level of access an authenticated user enjoys on a system. In file transfer, external authentication frequently refers to the use of Active Directory (AD), LDAP or RADIUS servers, and also refer[..]
LDAP is a type of external authentication that can provide rich details about authenticated users, including email address, group membership and client certificates. LDAP connection use TCP port 389 but can (and should) be secured with SSL. When LDAP is secured in this manner, it typically uses TCP port 636 and is often referred to[..]
LDAPS refers to LDAP connections secured with SSL, typically over TCP port 636. See “LDAP” for more information.
To onboard a user or onboard a partner is to set up all the necessary user accounts, permissions, workflow definitions and other elements necessary to engage in electronic transfers of information with those users and partners. Automatic onboarding of users or partners usually involves external authentication technology of some kind. When that technology involves particularly[..]
Provisioning is the act of adding access to and allocating resources to end users and their file transfer workflows. It is often used interchangeably with the term “onboarding“. The act of provisioning should always be audited, and the audit information should include the identity of the person who authorized the act and any technical actions[..]
RADIUS is an authentication protocol that supports the use of username, password and sometimes one extra credential number such as a hardware token PIN. In file transfer applications, RADIUS sign on information can be collected by web-based, FTP-based or other file transfer prompts and then tried against trusted RADIUS servers. When a file transfer application[..]
Self-provisioning is the ability for individual end users and partners to set up (or “provision“) their own accounts. Self-provisioning is a common element of most cloud services but remains relatively rare in file transfer applications. A major difference between those environments is that self-provisioning in cloud services usually involves linking a credit card or other[..]