With Active Directory Authentication enabled, Securence queries your AD server every time a user attempts to login. Continuity allows users to access their messages during an outage situation on your network. However, what if the outage includes your AD server? How can Securence authenticate your users to give them access to their Continuity inbox? Due to the inherent conflicts between these two features, extra measures are necessary in order to help them function together:
1. Ensure all users have confirmed at least one alternate e-mail address or mobile number in Securence.
If you have Continuity and AD Authentication enabled, any user that has not yet confirmed an alternate e-mail address or mobile number will be instructed to do so as soon as they login. They simply need to enter an e-mail address on a different domain that they have access to, or their mobile number, and Securence will send a confirmation code. Once confirmed, they may use their alternate e-mail address or mobile phone in the future should they need to reset their Securence password during an outage.
2. Use the Local (Securence) Authentication Override during an outage.
During an outage, when your users need access to their Continuity inbox or Quarantine, you may override all authentication to use Securence, instead of your AD server. This can be accomplished by checking the appropriate box in the Securence Admin interface: Incoming Settings -> Security tab -> Auth Method Override. Once enabled, if a user already has a Securence password, they may use it to login. If they don’t have a Securence password yet, they can follow the reset password procedure from the login page and use an alternate e-mail address or phone in order to set a new password for Securence.
3. When your system is back online, disable the Authentication Override.
When you are ready for your users to resume authenticating using your AD server, simply disable the Auth Method Override. All users configured to authenticate via AD will once again be able to login to Securence using their AD credentials.