Active Directory Validation - User Guide



Similar documents
Marcum LLP MFT Guide

IIS, FTP Server and Windows

Livezilla How to Install on Shared Hosting By: Jon Manning

How to install and use the File Sharing Outlook Plugin

SSL VPN Setup for Windows

Virtual Code Authentication User s Guide. June 25, 2015

CHARTER BUSINESS custom hosting faqs 2010 INTERNET. Q. How do I access my ? Q. How do I change or reset a password for an account?

Montefiore Portal Quick Reference Guide

Training module 2 Installing VMware View

Remote Desktop Solution, (RDS), replacing CITRIX Home Access

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

ADFS Integration Guidelines

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Instructions: Configuring Outlook 2003 with Exchange 2010 on the FIUMail

How To - Implement Single Sign On Authentication with Active Directory

How to connect to the diamonds wireless network with Vista.

Active Directory Integration

Using MailStore to Archive MDaemon

Windows XP Exchange Client Installation Instructions

User s Guide For Department of Facility Services

Using Internet or Windows Explorer to Upload Your Site

How To Set Up A Sartorius Mailbox In Outlook On A Non-Standard Pc On A Windows Xp Oracle 365 On A Pc Oracle365 On A Sertorius Mailbox On A Microsoft Office365 On Pc Orca 2 On A

NT Authentication Configuration Guide

Remedy ITSM Service Request Management Quick Start Guide

Mapping ITS s File Server Folder to Mosaic Windows to Publish a Website

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

Microsoft Outlook 2010

Installation Guides - Information required for connection to the Goldfields Institute s (GIT) Wireless Network

Active Directory Authentication Integration

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Check current version of Remote Desktop Connection for Mac.. Page 2. Remove Old Version Remote Desktop Connection..Page 8

1. Open Thunderbird. If the Import Wizard window opens, select Don t import anything and click Next and go to step 3.

Egnyte Single Sign-On (SSO) Installation for OneLogin

Virtual Office Remote Installation Guide

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Application Note. Using Mercury/32 as an SMTP Relay Client

MY HELPDESK - END-USER CONSOLE...

How to use SURA in three simple steps:

Configuration Guide - OneDesk to SalesForce Connector

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

User Guide Trust Safety Accounting Upload PC Law and SFTP Software Release: Final Date

Hallpass Instructions for Connecting to Mac with a Mac

S/Medicine Mac OS X Domain Binding Instructions

Configure Single Sign on Between Domino and WPS

Add in Guide for Microsoft Dynamics CRM May 2012

How to remotely access your Virtual Desktop from outside the college using VMware View Client. How to guide

Dial-up Installation for CWOPA Users (Windows Operating System)

Active Directory integration with CloudByte ElastiStor

Configuring Devices for Use with Cisco Configuration Professional (CCP) 2.5

AVTranz The Court Record Online (TCRO) Operating Instructions Vermont Court System

Setting up an account and logging in using Design & Print Online. Opening a saved project

Cloud Services. Lync. IM/ Web Conferencing Admin Quick Start Guide

Knowledge Base. Setup GoogleApps in Outlook Pages. Zeumic Pty Ltd. PO Box 44 Kew, VIC Australia 3101

Quick Instructions Installing on a VPS (Virtual Private Server)

Connecting to Wi-Fi Using Windows 7

OUTLOOK EXPRESS ACCOUNT SETUP FOR USE WITH ELLIPSE ADVANCED SPAM FILTER

How To Set Up Dataprotect

Page 1 of 11. Setting up VPN on Windows XP. Setting up VPN on Windows XP version 1.2

Installation Guide. Research Computing Team V1.9 RESTRICTED

This Deployment Guide is intended for administrators in charge of planning, implementing and

Snow Active Directory Discovery

How To Use Exhange On Outlook On A Pc Or Macintosh Outlook 2007 On Your Pc Or Ipad (For Windows Xp) On Your Ipad Or Ipa (For Your Windows Xp). (For A Macintosh) On A

Personal Online Banking:

SOS SO S O n O lin n e lin e Bac Ba kup cku ck p u USER MANUAL

Law School Computing Services User Memo

Novo Nordisk Secure File Transfer User Guide

Authenticating users of Cisco NCS or Cisco Prime Infrastructure against Microsoft NPS (RADIUS)

Migration User Guides: The Console Application Setup Guide

1. Right click using your mouse on the desktop and select New Shortcut.

Installing LearningBay Enterprise Part 2

Microsoft Lync TM Order & Provisioning. Admin Guide

Configuring the Active Directory Plug-in

Fairfield University Using Xythos for File Sharing

How to recover IE Client

Absolute IT Solutions Product Catalog / Sales Order Maker Application

User Guide for eduroam

Here are the steps to configure Outlook Express for use with Salmar's Zimbra server. Select "Tools" and then "Accounts from the pull down menu.

WHMCS LUXCLOUD MODULE

escan SBS 2008 Installation Guide

OCS Virtual image. User guide. Version: Viking Edition

CORPORATE SERVICE SETUP

Outlook Web App (Online)... 3 Outlook 2013 (Desktop) Apple Mail Mobile Devices Android iphone... 40

Setting up Hyper-V for 2X VirtualDesktopServer Manual

Accessing the Media General SSL VPN

DEP S REMOTE ACCESS USER GUIDE

Configuring Positron s V114 as a VoIP gateway for a 3cx system

Connecting to the University Wireless Network

MyanPay API Integration with Magento CMS

Connecting to UNOSECURE using Windows 7

Installation Guide v3.0

Professional Mailbox Software Setup Guide

VoIPon Tel: +44 (0) Fax: +44 (0)

For Mac User Directions, see page 5

Instructions for Using Secure . (SMail) via Outlook Web Access. with an RSA Token

Managed Devices - Web Browser/HiView

NetBeat NAC Version 9.2 Build 4 Release Notes

Secure Messaging Server Console... 2

All mail administration activities can be carried out using the Domain Management Console.

Kaseya 2. User Guide. Version 6.1

1. Navigate to Control Panel and click on User Accounts and Family Safety. 2. Click on User Accounts

Transcription:

Composite 2015-12-07 Composite A/S Nygårdsvej 16 DK-2100 Copenhagen Phone +45 3915 7600 www.composite.net

Contents 1 INTRODUCTION... 3 1.1 Who Should Read This Guide? 3 1.2 Getting Started 4 2 CREATING A С1 CONSOLE ADMIN FOR AN ACTIVE DIRECTORY USER... 5 3 INSTALLING THE PACKAGE... 8 4 SETTING BASIC AUTHENTICATION IN IIS... 9 5 LOGGING IN TO THE C1 CONSOLE WITH AD CREDENTIALS... 10 6 MATCHING ACTIVE DIRECTORY AND C1 CONSOLE USERS... 11 7 USING A TRIAL VERSION... 13 Page 2 of 13

1 Introduction Before accessing the Administrative Console, Composite C1 users are required to authenticate by providing their usernames and passwords. In this way, all non-authenticated users will not be able to log in and work in the C1 Console. This is the standard Composite C1 user validation system. As Composite C1 is flexible and extendible, it allows you to use an external authentication system for user validation if necessary. In some cases, using an external system has its advantages. For example, some authentication systems additional features that enhanced overall security. On the other hand by using an external system, you can avoid double authentication. You can authenticate within this system and further access to other securityaware systems will be automatic without providing the same credentials over and over again. This both simplifies authentication and maintains high-level security. Active Directory has all necessary facilities for network administration and security and handles authentication and authorization of all users and computers in a Windows domainbased network. This makes it a perfect choice to be that external authentication system for Composite C1. To implement Active Directory user validation against the C1 Console, you need the Composite.Tools.C1Console.ActiveDirectoryValidation package. Figure 1: Active Directory users mapped to the C1 Console users This package integrates the Active Directory user validation into the Composite C1 security system and allows Active Directory users to automatically authenticate in the C1 Console. Integrating the Active Directory validation with Composite C1 takes just a few simple steps, and, as a result, Active Directory users can skip the login screen when accessing the C1 Console without compromising any security. And being standard C1 Console users, too, they can be assigned various roles to access only those Composite C1 areas and carry out only those activities that their role allows them to. 1.1 Who Should Read This Guide? This guide is mostly intended for website administrators who want to simplify C1 Console logins by using Windows authentication instead of the standard C1 Console authentication. Page 3 of 13

As such, you will primarily work within the Users perspective creating users and, if necessary, user groups. To install the package, you will need permissions to install packages in the System perspective. You will also need to edit the website s authentication configuration via IIS Manager. 1.2 Getting Started To get started with the Active Directory Validation package, you are supposed to take a number of steps. Getting Started Step Activity Chapter or section 1 Create a C1 Console user with administrative permissions to match an Active Directory user Creating a С1 Console Admin for an Active Directory user 2 Install the package Installing the package 3 Configure Basic Authentication on IIS Setting Basic Authentication in IIS 4 Log in to the C1 Console Logging in to the C1 Console with AD credentials 5 Add more C1 Console users to match Active Directory users Matching Active Directory and C1 Console users Page 4 of 13

2 Creating a С1 Console Admin for an Active Directory user For the Active Directory user validation to work instead of the standard C1 Console validation, you should match Active Directory users and C1 Console users. To match them, you need to have the users with the same usernames in both Active Directory and the C1 Console. You can either create an Active Directory user to represent the existing C1 Console user, or create a C1 Console user to represent an Active Directory user. The former is a less common scenario so this guide will focus on the latter scenario. After implementing Active Directory user validation for the C1 Console, the standard admin account will most likely stop working (unless you have the AD account with the same user name) To be able to administrate the C1 Console, you should have at least one C1 Console user with the administrative permissions that has the same username as an existing AD user. You should make sure that such a user exists in the C1 Console before installing the Active Directory validation package. 1. In the System perspective, make sure that the "Administrator" group exists. Figure 2: The Administrator group 2. Otherwise, create a user group with at least: the "Administrate" and Configure global permissions enabled and access to the System perspective Page 5 of 13

Figure 3: The user group with administrative permissions 3. In the System perspective, add a user: Name: specify the username of an existing Active Directory user. Password: specify any password. 4. Fill out other fields as needed and click OK. Figure 4: Creating an administrator in the C1 Console 5. Assign this user the Administrators group on the Permission tab. Page 6 of 13

Figure 5: Assigning the administrator group to the user Important: You should specify the AD username without the domain prefix. For example, if the AD user is 'contoso\c1admin', create a user named 'c1admin'. Note: You can specify any password as it will be ignored and not be used with the Windows authentication. Later you can create other C1 Console users to match other AD users. Page 7 of 13

3 Installing the package The installation of the package is no different from installation of any other Composite C1 packages. Figure 6: Installing the Active Directory Validation package 1. Log into the C1 Console as an administrator. 2. In the "System" perspective, open the folders "Packages" "Available Packages" "Composite.Tools". 3. Select "Composite.Tools.C1Console.ActiveDirectoryValidation". 4. Click "Package Info" on the button bar. 5. In the "Package Info" view, click "Install". 6. Complete the wizard. 7. Exit the C1 console after the installation. Note: In some cases, the installation can end with a login screen. This is expected: the package changes the authentication method in Composite C1. Simply close the browser tab/window with the C1 Console. Before you log in to the C1 Console with your AD credentials, you need to configure a proper authentication method for your website. Page 8 of 13

4 Setting Basic Authentication in IIS For the Active Directory user validation to work for C1 Console logins, you should set up proper authentication method for your website in IIS: 1. In IIS Manager, expand the website folder structure. 2. Select the subfolder ~/Composite on your website. 3. Open its Authentication configuration. 4. Enable Basic Authentication. 5. Disable all the other authentication methods. Now you can log in to the C1 Console. Figure 7: Enabling Basic Authentication Page 9 of 13

5 Logging in to the C1 Console with AD credentials After implementing the Active Directory user validation for the C1 Console, you can log in to the C1 Console by opening its administrative page at http://<your_website>/composite/top.aspx. When you log in to the C1 Console for the first time, you'll be asked to enter your username and password in a popup window. Use your Active Directory credentials. Prefix your username with the domain name, e.g. "contoso\johndoe". Figure 8: Logging in with the Active Directory credentials for the first time Next time, you will not need to enter your username/password and will be logged in to the C1 Console automatically. Figure 9: Automatic authentication Page 10 of 13

6 Matching Active Directory and C1 Console users Now that the Active Directory user validation is in place, you can go on to match other Active Directory users to C1 Console users. As mentioned before, to match them, you need to have the users with the same usernames in both Active Directory and the C1 Console. As we assume that you have a number of existing Active Directory users that will log in to the C1 Console, you will need to create C1 Console users to represent them. For each Active Directory user you want to log in to the C1 Console: 1. In the System perspective, add a user: Name: specify the username of an existing Active Directory user. Password: specify any password. Figure 10: Creating other users to match those in AD 2. Fill out other fields as needed and click OK. 3. Assign the user a proper role by selecting one or more user groups on the Permission tab. Page 11 of 13

Figure 11: Assigning new users to various users groups Page 12 of 13

7 Using a Trial Version If you are using a trial version of the package, it will expire in 30 days. After that, the AD users other than the administrator will not be able to log in to the C1 Console and will be redirected to the "shopcart" page. The AD user who is an administrator in the C1 Console will be able to log in. Every time any user logs into the C1 Console, this message will pop up. Figure 12: Trial period expiration popup message After the trial version expires, you should purchase and install the commercial license for this package. This will remove the restrictions. Page 13 of 13

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information