▪ When you add users to Focal Point^®, they are not automatically added to Rational Directory Server.

▪ If you are a Rational Directory Server user, you can log in to Focal Point^® even if you do not have an account. Rational Directory Server users are added to the product automatically.

▪ You can change your password on the Profile and Password Settings page: from the main user menu, select Preferences, and then click Password.

▪ The following security settings are ignored for users who are set to be authenticated with Rational Directory Server. To view these settings, click Administration from the User menu, and select Application > Security:

▪ Click Administration from the User menu, and select the Users tab. Click Rational Directory Server Update. The Rational Directory Server Update menu is shown only for a user who is having User Type as “Global Administrator” and Authentication as “Rational Directory Server”. For a user who authenticates by using Rational Directory Server, the user information in Focal Point^® is updated with the details from Rational Directory Server.

▪ On the Focal Point^® Login page, if a Rational Directory Server user clicks Lost Your Password?, an error message is displayed.

▪ As an administrator, if you click Send Account Information for a Rational Directory Server user, an error message states that the password is not generated or sent. Only the user name and login URL are sent.

▪ In Rational Directory Server, if you enabled the option to change your password the first time that you log in, when you first log in to Focal Point^®, you are prompted to change your password. If you leave this page without updating your password, you can access Focal Point^®, but all Rational Directory Server attributes, such as full name and email, are empty. These attributes are updated after you log in and change the password. If a user is already added to Focal Point^® and does not update their password, the Rational Directory Server attributes display the old values until the password is changed.

▪ The Need Access feature works for standard authentication. The user is added to Focal Point^® only. The user name in Focal Point^® must be the same as the name in Rational Directory Server. Otherwise, when you use the Update feature to synchronize, an error is displayed and synchronization fails.

▪ When a Rational Directory Server user logs in, a token is generated and stored as a cookie in the browser. When the user logs out, the cookie is removed. The token has an idle timeout of 5 minutes and session timeout of 1 hour. The token timeout does not affect a logged-in user.

▪ Rational Directory Server single sign-on takes precedence over other forms of automatic login within a browser in Focal Point^®, including Web Single Sign‑On.

▪ Almost all requests to Focal Point^® check for the Rational Directory Server token before processing occurs. The exception is the Web services API, which does not support Rational Directory Server single sign-on. Web services integrate Focal Point^® with other tools.

▪ You cannot set the RSS and Public Homepage options to Require Authentication. If you set those options to Enabled, the RSS feed and public home page do not require authentication because they are displayed based on the permissions and views of the Rational Directory Server user who is logged in.