When remote authentication is enabled, authentication and authorization follow these steps:
The user logs into CC-SG with the appropriate username and password.
CC-SG connects to the external server and sends the username and password.
Username and password are either accepted or rejected and sent back. If authentication is rejected, this results in a failed login attempt.
If authentication is successful, authorization is performed. CC-SG checks if the username entered matches a group that has been created in CC-SG or imported from AD, and grants privileges according to the assigned policy.
When remote authentication is disabled, both authentication and authorization are performed locally on CC-SG.
