Documentation Center

Configuring security

This section describes how to set up security to constrain access to the Archive Manager Explorer application. Setting up security for the Archive Manager Explorer depends on the Security Model you already have in place for SDL Tridion.

  • Configuring local security — for when you have installed the Archive Manager Explorer on the same machine as your Content Manager and your users and groups are stored in Content Manager
  • Configuring LDAP security — for when you have installed the Archive Manager Explorer on the same machine as your Content Manager and your users and groups are stored in Lightweight Directory Access Protocol (LDAP) servers
  • Configuring Single Sign On — for when you want to integrate Archive Manager Explorer with your single sign-on (SSO) server.

Authentication and authorization

Constraining access to the Archive Manager Explorer involves authenticating and authorizing your users: authentication is the process of verifying that the user is who they say they are, authorization is the process of checking that a user has the necessary permissions. SDL Tridion offers the following means to authenticate users:

  • Using SDL Tridion Security — uses Window Authentication (Active Directory) to authenticate users
  • Using Lightweight Directory Access Protocol — connects to LDAP server to authenticate users

Authorization is performed in SDL Tridion and involves you granting users privileges. The User of the Archive Manager Explorer must be one of the following:

  • A Tridion System Administrator (no configuration required)
  • A member of the Archive Manager User Group that is specified in the Archive Manager Explorer Web.config file