Every OfficeClip user needs to be authenticated, using a login ID and password. OfficeClip can authenticate users in two ways, one is using the OfficeClip's internal authentication and the other is using LDAP or Active Directory authentication.
LDAP(Lightweight Directory Access Protocol) is an open network protocol standard designed to provide access to distributed directories. LDAP provides a mechanism for querying and modifying information that resides in a directory information tree. A directory information tree typically contains a broad range of information about different types of network objects including users, printers, applications, and other network resources.
LDAP servers are used by many organizations to authenticate users over the network or to store network resources. Microsoft Active Directory is an example of LDAP server that is provided with the Windows 2003/Windows 2008 server. LDAP authentication enables storing user information at one place that can be accessed by various applications or users.
The unique feature of OfficeClip authentication is that it allows administrators to switch between LDAP authentication and OfficeClip authentication. This is a very powerful mechanism because it allows OfficeClip site administrators to initially start with the OfficeClip authentication and then switch to LDAP later.
With the LDAP Authentication enabled, OfficeClip redirects the user ID and password to the LDAP server and requests authentication from the LDAP server. The user is considered to be authenticated in OfficeClip if the LDAP server returns a successful message to OfficeClip. The OfficeClip server keeps and maintains mapping between the LDAP user ID and the OfficeClip user ID for each user.