Connect to Your Database Using Active Directory
Most EMS customers connect their databases to EMS applications using the EMS User account. Some organizations prefer to tighten security even further by using their own accounts, such as those from Active Directory. This gives them greater control over the account and enables them to set their own passwords instead of relying on the built-in EMS User account.
Active Directory Process Overview
To connect your database to Active Directory, replace the EMS User account with an Active Directory account/group your organization can define and control. This enables you to use the Windows Authentication mode exclusively (instead of SQL Server and Windows Authentication mode) for your server authentication. This process involves the following stages:
What Is an EMS User?
EMS employs an application-level security model. All EMS end-user accounts are provisioned within the EMS application. Connectivity between the EMS database and all EMS components, such as EMS Desktop Client, VEMS, EMS Web App, EMS Mobile App, and so on is managed with one fixed EMS SQL Server user account/EMS User created during the EMS database installation process. This security model requires server authentication for the Microsoft SQL Server where your EMS database resides must be set to a mixed-mode, that is, SQL Server and Windows Authentication mode.