LDAP Integrated Authentication

System Administrator Help

Limitations - LDAP and Windows Integrated Authentication

You may experience a few logon limitations with the NextGen Healthcare applications when either LDAP or Windows integrated authentication is enabled. The NextGen Healthcare applications only accommodate mapping a user to one domain. For Windows integrated authentication, the Active Directory account (as used to log into the machine) has to exist on the user’s local domain. With LDAP authentication enabled, users must still log on within the application for the following: Unlocking encounters Medication verification PAQ use ePCS use Parent topic: LDAP and Windows Integrated Authentication

System Administrator Help

Set Up Integrated Authentication

You perform all integrated authentication setup in System Administrator. Setup is a three-step process. Turn on LDAP mapping. The setting enables the Map LDAP User button on the user under General tab. Map each NextGen application user to a user name in Active Directory. You can map them individually or in bulk. If necessary, you can provide proxy access for mapped users. Activate Integrated Authentication In System Administrator you can turn on LDAP and Windows integrated authentication. Map a User for LDAP Integrated Authentication Map Multiple Users for LDAP Integrated Authentication Set Up LDAP Integration Proxy Access Restrict Access to Windows Integrated Authentication Parent topic: LDAP and Windows Integrated Authentication

System Administrator Help

LDAP and Windows Integrated Authentication

The NextGen Healthcare applications support the use of Lightweight Directory Access Protocol (LDAP) authentication and Windows integrated authentication for user logon. The authentication eases administration access and allows single sign-on through directory-integrated authentication. With both kinds of authentication: The LDAP user mapping options in System Administrator become available, which enable you to map NextGen Healthcare users to Active Directory users. You can map users one at a time or in bulk. You can set account access to a proxy server for all mapped users. Note: The NextGen Healthcare applications still track user changes to data, such as for significant events, by their NextGen user ID. LDAP Integrated Authentication Limitations - LDAP and Windows Integrated Authentication Set Up Integrated Authentication Parent topic: Users

System Administrator Help

Map a User for LDAP Integrated Authentication

By mapping individual users to users in the Active Directory, you enable them to use LDAP authentication. To map a user, in System Administrator main window, select the user. On the External tab, select Map LDAP User. The Add External LDAP User window appears. Under LDAP User Search Options, the Domain search field defaults to the name of the domain currently logged into, and the First Name and Last Name fields default to the first and last names of the selected NextGen Healthcare user. If you need to find a different user, enter the search criteria in the LDAP User Search Options, and then select Search. The matching results display. Select the username row, and then select OK. The user's LDAP domain and username display on the External tab. Parent topic: Set Up Integrated Authentication

System Administrator Help

General Options Universal Preferences

Preference Description Add to Inclusion List from Patient Lookup Enables a provider to add patients to their Inclusion List from the Patient Lookup window. When this preference is set to True, patient names in the Patient Lookup window display with black text and the remaining names display with gray text. When this preference is set to False, only those names in the Inclusion List appear in the Patient Lookup window; therefore, the provider cannot add any new names to the Inclusion List. Note: The provider must have an Inclusion List already set up. Allow LDAP Integrated Authentication When set to True, this preference enables the LDAP integration features. The LDAP user mapping options become available in the System Administrator application > User settings > External tab. On the tab, the administrator searches the Active Directory system by domain, username, first name and last name and maps a directory user object to the selected NextGen Healthcare user account. This preference wil

System Administrator Help

Map Multiple Users for LDAP Integrated Authentication

Instead of mapping users one at a time, you can map them in bulk to save time. Select the View > LDAP Integration Setup. The LDAP Integration Setup window appears. Select the domain to be searched for matches. Under Bulk User Mapping Utility, select the enterprise, practice, and the criteria to match. Select View User Mapping Results. The LDAP User Mapping window appears listing the NextGen users and potential matches from the Active Directory. Select the check boxes for the correct matches, and then select OK. Parent topic: Set Up Integrated Authentication

LDAP Integrated Authentication

Recommendations

Limitations - LDAP and Windows Integrated Authentication

Set Up Integrated Authentication

LDAP and Windows Integrated Authentication

Map a User for LDAP Integrated Authentication

General Options Universal Preferences

Map Multiple Users for LDAP Integrated Authentication

Limitations - LDAP and Windows Integrated Authentication

Set Up Integrated Authentication

LDAP and Windows Integrated Authentication

Map a User for LDAP Integrated Authentication

General Options Universal Preferences

Map Multiple Users for LDAP Integrated Authentication