Welcome to Kofax RPA > Kofax Analytics for RPA > Install and Configure Kofax Analytics for RPA > Windows Authentication > Configure Insight for Windows Authentication

Configure Insight for Windows Authentication

Use the procedure in this section to configure Kofax Insight for Windows Authentication.

Before configuring Insight, select Windows authentication in IIS for the web application (default website).


IIS authentication

  1. Navigate to Start > All Programs > Insight 6.2.1 > Administration > Admin Console.
  2. In the navigation panel, click Authentication.
  3. Click the Authentication Method tab and select the following:
    1. User properties are obtained from the environment: Windows
    2. And then user roles and access rights are determined by comparing these values to: Fixed values
  4. User identifier: Specify a way to get the user's ID. The ID should be constant for a specific user's login. Usually, it is a session property (Identity) that looks to the Active Directory domain and user name.
    1. In the navigation panel, click User mapping.
    2. On the User Mapping tab for User Identifier (UID), set the Session property to Identity.
  5. Set session properties for User Name and Email.
    1. On the User Mapping tab for User Name, set the Session property to FullName.

      User Name is the display name of a user account. Usually, it is one of the Active Directory properties, such as Identity, name, FullName, displayName or another convenient property. Your Domain Admin can provide all available Active Directory properties.

    2. On the User Mapping tab for Email, set the Session property to EmailAddress.

      Email is the email address of the user account. It is used for self-subscriptions only. Usually, it is the Active Directory property mail or EmailAddress. Your Domain Admin can provide you with all available Active Directory properties.

Mapping Roles

Roles define a set of predefined Admin settings such as the theme, date format, etc. Also, roles define specific access rights to projects and dashboard views. It's necessary to describe mapping rules for each role. Usually, the Active Directory property memberOf is used. In the sample illustration, users with the Active Directory property memberOf, including the admin, are assigned to the KAFK admin role. Your Domain Admin can provide you with all available Active Directory properties.

Each row in the mapping grid uses the AND operand. If multiple roles on the Roles list match conditions for a user account, the access rights are merged from all matching roles, while other settings (such as the theme or date format) are assigned by the top matching role on the list.


Role mapping