Single sign-on

Users have to provide their username and password only once on any MU and receive access according to their authorization to all functions of all SE Servers, including -> add-ons.
In the case of server-specific LDAP configurations, the login with an LDAP account has to be executed on a MU of the suitable server.

Global session

The session is global or over-arching. The MU can be changed without further authentication in a server-overarching way, for example when starting add-ons.
Requirement: DNS server and LDAP (if necessary) must be available for all MUs.

Example:
Displaying a global session (see the first column) for the (own, highlighted in blue) account johndoe

Global management of accounts

All accounts  – local and LDAP – are valid for the whole Management Cluster. They are ready on every MU of every SE Server in the same measure.

Example:
The account johndoe is (centrally) created and managed.

The passwords (for local accounts) and other properties as well as individual rights (for operators) are also managed centrally.