Electronic Signature Setup
If the eSignatures are in an LDAP directory that has already been established for Windchill, there is no additional setup required.
If your authorization environment is configured for single sign-on (SSO) verification, you can configure your site to prompt for user credentials before submitting a signature.
If an LDAP directory is not used with Windchill, you can use the JNDI adapter to validate authentication.
* 
To use a JNDI adapter for electronic signature authentication, the following fields in the JNDI adapter definition must be populated with the distinguished name and password to be used to authenticate requests made to the LDAP directory service:
Directory System Agent User
Directory System Agent Credentials
You must identify the directory in the wt.org.electronicIdentity.authenticationService property. From a Windchill shell, execute the following commands:
To display the current value of the property:
xconfmanager -d wt.org.electronicIdentity.authenticationService
Specify the existing and new value (append new value to the existing property value). You can specify one or more JNDI adapter Service Names. Use a comma to separate the adapter names. See the xconfmanager guidelines for specifying multiple property and property value combinations:
xconfmanager -s wt.org.electronicIdentity.authenticationService=
<JNDIadapter service name(s)> -t <Windchill>/codebase/
wt.properties -p
Where <Windchill> is the location where Windchill is installed.
The parameter wt.org.electronicIdentification.class can be set to determine the authentication required. The parameter can be set as follows:
wt.org.electronicIdentity.engines.LDAPPasswordSignatureEngine – this signature engine only requires a password to be supplied. It verifies that the password belongs to the currently logged in user.
wt.org.electronicIdentity.engines.LDAPFDACompliantSignatureEngine – this signature engine requires both a user name and a password field to be entered, in compliance with FDA rule 21 CFR part 11 section 11.2. It verifies that the user name and password belong to the currently logged in user.
Was this helpful?