Configuring Microsoft Active Directory for Integration with NextPage NXT 3 Access Control



Similar documents
Create, Link, or Edit a GPO with Active Directory Users and Computers

LDAP Server Configuration Example

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

Wavecrest Certificate

NSi Mobile Installation Guide. Version 6.2

Configuring Microsoft Active Directory for Oracle Net Naming. An Oracle White Paper April 2014

LifeSize Control Installation Guide

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

LDAP Implementation AP561x KVM Switches. All content in this presentation is protected 2008 American Power Conversion Corporation

LDAP Server Configuration Example

Install the Production Treasury Root Certificate (Vista / Win 7)

BusinessObjects Enterprise XI Release 2

Microsoft Virtual Labs. Active Directory New User Interface

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

ACTIVE DIRECTORY DEPLOYMENT

Managing User Accounts

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

Integrating PISTON OPENSTACK 3.0 with Microsoft Active Directory

Managing User Accounts

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

ATT8367-Novell GroupWise 2014 and the Directory Labs

How to Configure Microsoft System Operation Manager to Monitor Active Directory, Group Policy and Exchange Changes Using NetWrix Active Directory

Adobe Connect LMS Integration for Blackboard Learn 9

Outlook Web Access Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

Multi-factor Authentication using Radius

Technical Bulletin 005 Revised 2010/12/10

LAB 1: Installing Active Directory Federation Services

Windows XP Exchange Client Installation Instructions

Configuring Microsoft Active Directory 2003 for Net Naming. An Oracle White Paper September 2008

AD Schema Update IPBrick iportalmais

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

F-Secure Messaging Security Gateway. Deployment Guide

Managing an Active Directory Infrastructure O BJECTIVES

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Host Installation on a Terminal Server

IPBrick - Member of AD domain IPBrick iportalmais

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Team Foundation Server 2012 Installation Guide

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

ILTA HAND 6B. Upgrading and Deploying. Windows Server In the Legal Environment

How to install Small Business Server 2003 in an existing Active

Content Filtering Client Policy & Reporting Administrator s Guide

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

RoomWizard Synchronization Software Manual Installation Instructions

APNS Certificate generating and installation

Administration Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

DriveLock Quick Start Guide

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

Integrating idrac 7 with Microsoft Active Directory

Check Point FDE integration with Digipass Key devices

Setup SSL in SharePoint 2013 Using Domain Certificate

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Installation Guide

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

Oracle Enterprise Single Sign-on Provisioning Gateway. Administrator Guide Release E

Modular Messaging. Release 3.0 / 3.1. Diminished Permissions for Exchange.

LDaemon. This document is provided as a step by step procedure for setting up LDaemon and common LDaemon clients.

Windows Intune Walkthrough: Windows Phone 8 Management

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

Online Statements. About this guide. Important information

RDS Online Backup Suite v5.1 Brick-Level Exchange Backup

Troubleshooting Active Directory Server

Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008

Rentavault Online Backup. MS Exchange Mail Level Backup

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION

Manage Fine-Grained Password and Account Lockout Policies

SFTP Server User Login Instructions. Open Internet explorer and enter the following url:

Setup for PCCharge. Important Pre-Installation Notes for PCCharge. Installation Overview. Step 1 Install And Set Up PCCharge on the Fileserver

Integrating idrac7 With Microsoft Active Directory

Working with Office Applications and ProjectWise

Configuring Load Balancing

Setting Up SSL on IIS6 for MEGA Advisor

Instructions: Configuring Outlook 2003 with Exchange 2010 on the FIUMail

Installation and Configuration Guide

SHARING FILE SYSTEM RESOURCES

Using LifeSize systems with Microsoft Office Communications Server Server Setup

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

Databoks Remote Backup. MS Exchange Mail Level Backup

Active Directory Software Deployment

Microsoft IAS Configuration for RADIUS Authorization

Configuring User Identification via Active Directory

XenDesktop Implementation Guide

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

How to Configure a Secure Connection to Microsoft SQL Server

Ultimus and Microsoft Active Directory

PageScope Router. Version 1.5. Configuration Guide

Chapter 15: Forms. User Guide. 1 P a g e

Solcon Online Backup. MS Exchange Mail Level Backup

Setup Guide for AD FS 3.0 on the Apprenda Platform

Managing User Accounts

Delegated Administration Quick Start

Installing the ASP.NET VETtrak APIs onto IIS 5 or 6

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Installation Guide v3.0

etoken Enterprise For: SSL SSL with etoken

Transcription:

Configuring Microsoft Active Directory for Integration with NextPage NXT 3 Access Control This document explains how to configure Microsoft Active Directory for integration with NXT 3 access control. Step 1 Edit the Schema The first thing you must do is modify the directory schema by performing the following steps: 1. Start the Microsoft Management Console (MMC) with the command: Start>Run>MMC 2. Under Console, choose Add Snap-in. 1

3. Choose "Active Directory Schema." Note: If the Active Directory snap-in is not available, you must register the DLL by entering the following at the command prompt: Regsvr32 system_root\system32\schmmgmt.dll 2

At this point, you can create new object classes in the directory. 1. Select the Active Directory Schema node, right click and select "Operations Master..." 2. Enable the "The Schema may be modified on this Domain Controller" checkbox. 3

See www.microsoft.com/windows2000/library/planning/activedirectory/adschemasteps.asp for additional information. See http://msdn.microsoft.com/library/psdk/adsi/glschemex_33a7.htm for additional information. Step 2 Define New Attributes for Access Control Each object in the directory schema requires a unique object identifier. There are two ways to associate an object with an identifier. The preferred method is to register with the ISO Name Registration Authority for a root ID to use in generating your class IDs. An alternate method to generate valid OIDs is to use the command line utility, OIDGEN.EXE, which is included with the Microsoft Windows 2000 Resource Kit. 1. From the MMC, select "Attributes." 2. Right-click and then select "Create Attribute..." 4

3. Define the attributes you want mapped to the following internal NXT 3 Access Control Module values: For Administrative permissions, you should define a map for: Allow-Admin-Access Allow-Syndication Allow-Statistics For Content access permissions, you should define a map for: Content-Domain Navigate-Domain Query-Domain Element-Domain Author-Domain Editor-Domain Metadata-Domain For example, you could simply define two attributes, one for each set of attributes: NXTAllowAdmin Context-Insensitive-String with value "1" NXTMetaDataDomain Context-Insensitive-String with value "<Document Id>;<document id>;..." Note: The string specifying domains is semicolon delimited and cannot contain spaces. 5

Note: If the attribute has multiple values, be sure to check the Multi-Valued checkbox. At this point, you can define a New User object (Step 3a) or extend an existing object (Step 3b). 6

Step 3a Define a New Class Object to Hold the New Attributes 1. From the MMC, select Classes. 2. Right-click and select the option "Create Class... 3. Create an object called "NXTUser" of type "Auxiliary." 7

Now add the attributes you previously defined to the NXTUser class. 4. Under Optional, Click Add 5. Scroll to find the attribute name you added from Step 3. 8

6. Repeat the process for each attribute, then click Finish. 9

Step 3b Extend an Existing Class to Hold the New Attributes 1. Right-click and select "Properties" for a class. 2. Select the Attributes tab. 3. Add the properties you created in Step 3 and click OK. 4. Go to Step 5. Step 4 Inherit Properties from an Existing Class 1. From the MMC, find the name of the class in the class list (for instance, "User"). 2. Right-click and select the "Properties" option. 10

3. Select the "Relationship" tab and click the Add button next to the list of Auxiliary Classes. 11

4. Add the class you created in Step 3 (for instance, "NXTUser"). Now all the nodes of the class created in Step 3 have the access control attributes. Step 5 Set the Attribute Values for the Users 1. Open the Active Directory Service Interface (ADSI) Edit utility in the Windows 2000 Server Tools/Support area. 2. Select the object for which you want to apply attribute values (for instance, an individual user or group of users) and right click to select the Properties option. 12

3. Select the Attributes tab. 13

4. Find the Optional Attribute you defined in the pull down list (for instance NextPage Admin). 5. Set the value of the attribute. 6. Click OK. Step 6 Test the Settings 1. Open the Active Directory Users and Computers utility and enable the Guest account. 2. Open ASDI edit, right click at the root DN and then go to Properties. 3. Select the Security tab and click Add. 4. Select the Guest account, enable the Read access checkbox, and click OK. 5. Open the Active Directory Administration Utility found in the Windows 2000 Server Tools/Support area. 6. Under Connection, select Connect, enter the server name and click OK. 14

7. Under Browse > Search, enter the Base Distinguished Name (DN) and Filter. For Scope, enable Subtree. 8. Click Run and then examine the display window. Check that the attributes have been set to the correct values. Step 7 Configure NXT 3 Access Control to Use the ACM See Configuring ACM in the online documentation for complete instructions on how to configure NXT 3 with the ACM.DLL access control module. Step 8 Refresh the LDAP cache on NXT 3 After making changes, it may be necessary to refresh the NXT 3 server s user access control information. You can do this two ways: 1. Use the "Refresh" option under "View" in the Content Network Manager. 2. Request the following URL in a browser: 15

http://yourservername/nxt/gateway.dll?f=executive&executive_command=acmref reshuser&username=updatedusername. If you omit the username parameter, it will refresh the entire cache. 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information