Because Platform Servers run on Microsoft Windows Sever® operating system, they employ the AD (Active Directory) technology to manage users, groups and file permissions throughout the Platform System. This enterprise security system provides the most robust file security protocols available.
The Platform System utilizes an AD and domain controller to read & write user’s information to the Windows Operating System. Each user that logs into the Platform System is authenticating against the Windows Domain using Active Directory security.
There are two ways that Active Directory can be employed for Platform. The first is when the Platform is a domain controller and it hosts the Active Directory Server on the Platform itself.
Figure 23 - Platform as an AD Domain Controller
By default, each Platform Server is shipped with Microsoft Windows Server Essentials® edition. This is a full Windows Server Operating System acting as a domain controller and which houses the Active Directory. In this case, Platform Security services interact with the AD on the Platform itself when validating user logins and permissions.
Figure 24 - Platform Connecting to an Existing Domain
The second option is when the Platform joins another Microsoft domain and utilizes the Active Directory on another AD Controller. This option is typically used when Platform is installed in a corporate environment that has a Microsoft Windows® infrastructure in place and that organization wishes to utilize the existing security approach.
When the Platform joins an existing domain, the operating system used is Microsoft Windows Server Standard®. After joining the other domain, Platform communicates to that AD and can pull users, groups and security information from that domain.
For security to operate consistently in a user environment, if any workstations that are already joined to a Windows domain are going to be connecting to Platform, that Platform system must also be joined to the same domain.
Because the Platform must be joined to the domain before the Platform software can be installed, it is important to know the domain will be set up before installing the Platform. Please consult ProMAX or a Platform reseller if you have questions regarding these choices.
Depending on the Platform installation, the system may or may not be allowed to update the Active Directory. In the General Tab of the System Configuration screen, the system administrator can select ‘Ad is Read Only’. This option tells the system to not allow the Platform to update the AD. If this is true, certain options described below will not be available and are marked accordingly.