The Meridian desktop applications (PowerUser, Configurator, and Administrator) authenticate users with the computer's operating system, Windows. The PowerWeb client authenticates users according to the method specified for the web application in Internet Information Services on the web server as described in Configure a PowerWeb Location.
Meridian does not rely on Windows to implement vault security. Meridian uses Windows only to authenticate users' identity. Instead, security roles are defined in the Configurator and privileges are granted or revoked from these roles. An administrator then assigns Windows users or groups to different roles for different folders with the PowerUser client application.
To work the most effectively with Meridian, Windows user accounts and groups should adhere to the following guidelines:
-
Multiple users should not be allowed to log in under the same user name.
-
Password synchronization between networks or systems should be consistent.
-
A dedicated server for user administration is recommended.
-
Users should always log on when they start working.
-
Users' logon scripts should synchronize the client computer time with the Meridian application server time.
If your Meridian Enterprise system will use more than one server, the services might need to be configured to allow security delegation as described in Security Delegation.
