PSIfusion user directories are used to define connections to user repositories and instruct the system how users from those repositories should be authenticated and mapped into the application.
Each installation contains a default System Directory that is used to manage application defined users. For smaller deployments, or deployments where an external directory is not available, additional users can be added to the system directory and managed by PSIfusion itself.
The system directory does not require any configuration prior to use, however there are some optional settings exposed that alter it's behavior.
Require User Passwords Satisfy Password Complexity Rules
This option gives administrators the ability to disable complexity checks when passwords are being set for users belonging to the system directory. By default this option is enabled, as shown in the screen shot below.
When complexity checks are enabled the following rules will be evaluated for each password change:
Passwords must be at least 6 characters in length
Passwords must contain at least one uppercase letter
Passwords must contain at least one lowercase letter
Passwords must contain at least one number
In addition to the built-in system directory, PSIfusion also supports external directories. External directories must conform to the Lightweight Directory Access Protocol Version 3 (LDAPv3) specification. While every effort has been made to ensure PSIfusion can be configured to work with any compliant LDAP directory, official support is currently only offered for the following systems:
Microsoft Active Directory
Configuring an external directory allows PSIfusion to delegate authentication and group and role mapping to the external system. The user experience for LDAP users and PSIfusion application users is identical; but by linking PSIfusion to your external directory you can avoid maintaining an additional set of user credentials, as well as gaining the ability to map your existing directory groups hierarchy into PSIfusion as User Groups and Teams.
PSIfusion supports an unlimited number of external directories. This allows for very flexible mapping to your existing infrastructure. A user directory can be created using a Microsoft Active Directory instance to authenticate one department, a Novell eDirectory instance to authenticate a group of external consultants, and users can be added directly to the system directory when use of an external directory is either not possible or not desired.
Another use for multiple external directories is to control which users in your organization will be mapped into PSIfusion. In larger organizations with extensive LDAP directories, or even smaller organizations with complex hierarchical structures; you can create a user directory that maps to subsections of your LDAP hierarchy, instead of connecting PSIfusion directly to the LDAP root. This allows you to link in a group of users from LDAP based on their container membership, which logically may be mapped to their physical location or home office, department within the company, etc.