1. Product Documentation This document is a configuration guide for RCDevs WebADM. The reader should notice that this document is not a guide for configuring WebADM applications (Web Services and WebApps). Specific application guides are available through the RCDevs online documentation library. WebADM installation and setup is not covered by this guide and is documented in the RCDevs WebADM Installation Guide. 2. Product Overview WebADM is a powerful Web-based LDAP administration software designed for professionals to manage LDAP Organization resources such as domain users and groups.

1. Overview This HowTo presents the schema extensions needed by WebADM with most of LDAP directories. Only Active Directory can work with WebADM without schema extensions. WebADM stores most of its related metadata into the LDAP directory on users accounts and into a specific container/OU. 2. Content of the Schema Extension The schema extension is very minimal. It is composed of three object classes (webadmAccount, webadmGroup and webadmConfig) and three attributes (webadmSettings, webadmData, webadmType and webadmVoice).

1. Bundle Overview In that documentation, we are going to explain the Active Directory synchronization tool provided by RCDevs and its usage scope. SECURITY NOTE This script is designed to securely synchronize specific account information from Active Directory (AD) to the RCDevs Directory. Only hashed passwords are transferred, ensuring the actual plain-text passwords remain inaccessible. The account information to be synchronized can be adjusted via a dedicated configuration file. All data is transmitted securely using HTTPS to a specialized environment explicitly trusted by the Active Directory server.

RCDevs Virtual Appliance Startup Guide The RCDevs VMware Appliance is a standard and minimal Rocky Linux (64Bit) installation with the RCDevs software packages already installed with yum. The Appliance contains the following (already configured) components: WebADM Server (installed in /opt/webadm/). WebADM Web Services: OpenOTP, SMSHub, OpenSSO, SpanKey, TiQR (installed in /opt/webadm/websrvs/). WebADM WebApps: SelfDesk, SelfReg, PwReset, OpenID (installed in /opt/webadm/webapps/). OpenOTP Radius Bridge (installed in /opt/radiusd/). RCDevs Directory Server (OpenLDAP in /opt/slapd/).

How to configure proxy_user rights for Active Directory There are two things to be considered in order to implement fine-grained LDAP permission for WebADM and its applications. WebADM Proxy user permissions: This system user is used by WebADM to access and manipulate the required LDAP resources without an administrator login, for example, to increase the false authentication counter, register token metadata on the user account… Administrator users permissions: These accounts login to the Admin portal in order to manage LDAP resources and registered applications.

How To configure super_admin rights for Active Directory There are two things to be considered in order to implement fine-grained LDAP permissions for WebADM and its applications. WebADM Proxy user permissions: This system user is used by WebADM to access and manipulate the required LDAP resources without an administrator login, for example, to increase the false authentication counter. Administrator users permissions: These accounts login to the Admin portal in order to manage LDAP resources and registered applications.

How To Configure WebADM with a Read-Only Active Directory Important Note That setup require an enterprise license which can only be issued by RCDevs team. Self-generated Freeware/Trial licenses are not supported. Regular enterprise license bought through the RCDevs web store are not supported. In some circumstances, we can not write in the LDAP backend. In that case, we need to store some configurations in a local LDAP database and users extra information in a SQL database.

Normal Login flow Simple Login flow Push Login flow 1. Product Documentation This document is an installation guide for the OpenOTP Credential Provider for Windows. Hence, the installation or configuration of WebADM, including token registration is not covered in this guide. For installation and usage guides to WebADM refer to the RCDevs WebADM Installation Guide and the RCDevs WebADM Administrator Guide available through the RCDevs online documentation Website. 2. Product Overview The OpenOTP Credential Provider for Windows is a component that integrates the RCDevs OpenOTP one-time password authentication into the Windows login process.