All Posts

Password Management and Authentication in Documentum

S

By Suhas Das

Author

14 views

In OpenText Documentum, user authentication is a critical component of system security. Documentum provides multiple flexible options for managing passwords and verifying user identities, allowing organizations to align authentication with their security policies and infrastructure.

Overview of Authentication in Documentum

Documentum does not rely on a single authentication method. Instead, it supports multiple authentication mechanisms, enabling integration with enterprise systems and enhanced security controls.

These methods determine how users are verified before accessing the repository and its content.

1. In-Line Password Authentication

In this method:

  • User credentials are stored directly within the Documentum repository
  • Passwords are encrypted and saved in the user_password attribute of the user object

When a user logs in:

  • The entered password is encrypted
  • It is compared with the stored encrypted value

This is the default and simplest authentication method, suitable for basic environments.

2. LDAP Directory Server Authentication

Documentum can integrate with LDAP (Lightweight Directory Access Protocol) servers for centralized authentication.

Available options include:

  • Direct authentication against the LDAP server
    • Can use secure (SSL) or non-secure connections
  • LDAP-enabled dm_check_password program
    • A utility that validates credentials against the directory

This method allows organizations to:

  • Centralize user management
  • Use existing enterprise identity systems (e.g., Active Directory)

3. Custom Password Checking Program

Documentum allows the use of a custom authentication program.

In this approach:

  • A custom script or program is developed
  • The Content Server is configured to call this program during login

This is useful for:

  • Integrating with proprietary systems
  • Supporting Windows domain authentication for UNIX environments
  • Implementing specialized security logic

4. Authentication Plug-in (SSO & Strong Authentication)

Documentum supports authentication plug-ins that enable:

Single Sign-On (SSO)

  • Users log in once and access multiple systems without re-authentication

Strong Authentication

  • Uses advanced verification methods such as:
    • Smart cards
    • Biometrics
    • Security tokens

This method enhances security and improves user experience in enterprise environments.

Key Benefits of Documentum Authentication Options

  • Flexibility → Multiple authentication methods supported
  • Security → Encrypted passwords and strong authentication options
  • Integration → Works with enterprise identity systems (LDAP, SSO)
  • Extensibility → Custom authentication logic can be implemented

Conclusion

Documentum provides a robust and flexible authentication framework that supports everything from simple encrypted passwords to advanced enterprise-grade solutions like LDAP integration and Single Sign-On.

This ensures that organizations can secure their content repositories while maintaining seamless user access across systems.

0 Comments

Leave a Comment

Your email will not be published. Comments are subject to moderation.