Log-in services allow the authentication of authorised users to systems (workstations) and services. They ensure that data can only be accessed after the correct user name and password have been entered.
As soon as the user logs on to the desktop system, the user name and password are checked. Different standards are employed to do this, including LDAP, NTLM, Kerberos and PAM. The central administration of the data by the management system ensures that the necessary data for the log-in with different standards are available and that their content is synchronised. This allows a user to log in securely and encoded on different clients with the same user data. It is irrelevant whether the client has Mac OS X, Windows or Linux installed as the operating system.
The different standards make it possible to use the same password on all services. The user only needs to remember one user name and one password, which he can then use to access different applications and services. This improves security as the user only has to remember one password instead of many usually insecure passwords. This one password can then be selected complex and secure and changed personally if necessary.
Single sign on means that the user must only log in once. Thereafter Kerberos, for example, performs the further log-in procedures for local and remote services and applications. This saves a great deal of time as it is not continually necessary to re-enter the user data. UCS single sign on mechanisms are offered via Kerberos and Samba/NTLM.
