Active Directory Sync (AD) How to Setup




Contents

How to Setup Active Directory Sync
Download your AD Script
Configuration
Active Directory Sync F.A.Q

How to Setup Active Directory Sync

Pre-requisite: You must be an Account Owner in order to perform the Initial Steps. If you are not an Account Owner and you do not know who your WhosOnLocation Account Owner is, please email helpdesk@whosonlocation.com and we will advise you.

Download your AD Script

1. Login to your WhosOnLocation Account.

2. Select Tools > Account > Employee Management. You will see this screen below:

3. Select the Yes option alongside Active Directory Sync (AD).

4. The Active Directory Sync Enabled acknowledgement will show. Select Close.

5. Download Script: You will be presented with the Download Script button. Select this to download your unique script.

Please note: The API key illustrated on this screen is unique to your organisation. You do not need to copy it, as we pre-populate it into your script when you download it. However, we illustrate it for your reference.

6. New employee policy. When a new employee is added to your WhosOnLocation account via Active Directory Sync, visitors will be able to select them as their Host immediately. However, in order for the employee to gain access to their WhosOnLocation account for the purposes of pre-registering visitors, tagging themselves on or off-site, or accessing any of the User Roles, they must first be sent an activation email. There are two options for activating this email:

a. Manual Activation means one of your WhosOnLocation Administrators must grant them access manually by sending the employee an Activation Email from the Employee management tools under Tools > Locations > View Location > Employees. On receipt of the activation email the employee selects the embedded link (inside the email) and is directed to the login screen of your WhosOnLocation account. They must then create a password in order to login.

b. Automatic Activation means when a new employee is added to your WhosOnLocation account via the Active Directory Sync, an activation email is sent automatically to the new employee inviting them to create their own password in order to login.

Configuration

You must enter five configuration items into the Sync script. We provide default values to assist.

Appkey
This is a secure token which uniquely identifies your company in our software. We pre-enter this value for you.

Location (optional)
default: ""
The staff location is normally matched from the 'l' LDAP attribute. This can be overridden by setting the location variable in the script. Multiple copies of the Sync script can be run with different location variables and LDAP parameters to ensure the staff are imported to the correct place.

LDAP host
default: localhost
The hostname of the AD domain controller within your infrastructure to run the LDAP query. Since the script runs within your network, there are no external connections to your domain controller and no firewall changes are needed.

LDAP base
example: "CN=Users,DC=example,DC=com"
The point within your Active Directory tree to search for user accounts.

LDAP search
default: "(objectclass=user)"
The criteria to match a user account within the Active Directory tree for export to WhosOnLocation.

LDAP fields
The LDAP attributes to send to WhosOnLocation. This is pre-set to "displayname, GivenName, sn, title, department, l, physicaldeliveryofficename, co, company, mail, mobile, telephonenumber".
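The settings above decide which directory data leaves your network. The following Python sketch is an added example, not WhosOnLocation's script: it models one Sync run as this page describes it, so you can preview which attributes would be sent and which entries share an email address. The names preview_export and SAMPLE are hypothetical, the entries are constructed, and comparing email addresses case-insensitively and writing the location override into 'l' are assumptions.

```python
# Attribute list copied from the "LDAP fields" setting on this page.
LDAP_FIELDS = ("displayname, GivenName, sn, title, department, l, "
               "physicaldeliveryofficename, co, company, mail, mobile, telephonenumber")
ALLOWED = [f.strip().lower() for f in LDAP_FIELDS.split(",")]


def preview_export(entries, location=""):
    """Return (records, skipped). records keep only the listed attributes;
    skipped holds entries whose mail repeats an earlier entry's mail."""
    records, skipped, seen = [], [], set()
    for entry in entries:
        # LDAP attribute names are case-insensitive, so normalise before filtering.
        attrs = {k.lower(): v for k, v in entry.items()}
        record = {k: attrs[k] for k in ALLOWED if attrs.get(k)}
        if location:                      # script-level override of the 'l' attribute
            record["l"] = location
        mail = record.get("mail", "").strip().lower()   # assumption: case-insensitive
        if mail and mail in seen:         # a later duplicate would be ignored in the Sync
            skipped.append(record)
            continue
        if mail:
            seen.add(mail)
        records.append(record)
    return records, skipped


# Constructed sample entries, shaped like the results of an LDAP search.
SAMPLE = [
    {"displayName": "Ana Ruiz", "mail": "ana@example.com", "l": "Auckland",
     "sAMAccountName": "aruiz", "pwdLastSet": "131000000000000000"},
    {"displayName": "Reception", "mail": "ANA@example.com", "l": "Wellington"},
    {"displayName": "Ben Cole", "mail": "ben@example.com", "l": "", "title": "Engineer"},
]

if __name__ == "__main__":
    sent, dropped = preview_export(SAMPLE, location="Head Office")
    for r in sent:
        print("send:", r)
    for r in dropped:
        print("duplicate mail, would be ignored:", r)
```

Attributes outside the list (here sAMAccountName and pwdLastSet) never appear in a record, which is the property to confirm before widening the LDAP fields setting.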

Active Directory Sync F.A.Q

1. Q: We have multiple locations using WhosOnLocation. How do we assign the employees to their respective Locations setup in our WhosOnLocation account?
A: The staff location is normally matched from the 'l' LDAP attribute. This can be overridden by setting the location variable in the script. Multiple copies of the Sync script can be run with different location variables and LDAP parameters to ensure the staff are imported to the correct place.

2. Q: Do users still login using the password they create themselves?
A: Yes. Unless you use Single Sign-on, all users will create their own password when they initially receive their Activation Email (if applicable).

3. Q: Can users change their password?
A: Yes. Users can change their password anytime by opening their Profile and selecting Change my Password.

4. Q: Can we still add employees manually if they do not appear in our Active Directory?
A: Yes. However, assuming you include the new employee's email address when setting them up, should they ever be added to your Active Directory, their manually created record will be updated with the first Active Directory Sync and overridden using the Active Directory Sync employee profile. If the Active Directory employee profile records a different email address to that of the manually created profile, then two independent profiles will exist. In such circumstances we recommend removing the manually created one.

5. Q: WhosOnLocation does not permit an employee's (or any) email address to be used more than once, so two or more employees cannot share an email address. How does WhosOnLocation treat an Active Directory Sync where the same email address is recorded against two or more employees?
A: Subsequent duplicates will be ignored in the Sync.

6. Q: Can you tell me anything about the security of the AD Data transfer?
A: The AD Sync application connects back to the WhosOnLocation API server over a secure HTTPS connection. The application will only accept a connection to a valid and trusted certificate before sending any data. Our certificate is issued by Comodo UK and provides a chain of trust back to the default Windows certificate store. We have an additional option in the Sync application to verify the public key; this will directly compare the public key for the remote side to the known value for api.whosonlocation.com. This option forgoes the issuer validation and ensures that it is absolutely connected to WhosOnLocation; a fake trusted certificate cannot be used to intercept communications.

If you require any further information about AD for WhosOnLocation please contact us on:
Email: helpdesk@whosonlocation.com
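The public key verification option in FAQ 6 is a form of public key pinning. The Python code below is an added example of that general technique, not the Sync application's code: it pulls the SubjectPublicKeyInfo out of a DER certificate and compares its SHA-256 hash with a stored pin. Hashing the key rather than comparing it byte for byte is an assumption, and the certificates are constructed skeletons built by the hypothetical helper sample_cert.

```python
import hashlib
import hmac


def _tlv(buf, off):
    """Read one DER element at off; return (tag, value_start, value_end)."""
    tag, first = buf[off], buf[off + 1]
    n = first & 0x7F if first & 0x80 else 0      # bytes used by a long-form length
    start = off + 2 + n
    length = int.from_bytes(buf[off + 2:start], "big") if n else first
    if first == 0x80 or start + length > len(buf):
        raise ValueError("malformed DER")
    return tag, start, start + length


def spki_der(cert):
    """Return the SubjectPublicKeyInfo element of a DER-encoded X.509 certificate."""
    _, pos, _ = _tlv(cert, 0)                    # Certificate
    _, pos, _ = _tlv(cert, pos)                  # TBSCertificate
    tag, _, end = _tlv(cert, pos)
    pos = end if tag == 0xA0 else pos            # skip the optional [0] version
    for _field in range(5):                      # serial, sigAlg, issuer, validity, subject
        _, _, pos = _tlv(cert, pos)
    return cert[pos:_tlv(cert, pos)[2]]


def pin_matches(cert, expected_sha256_hex):
    """Constant-time comparison of the presented key's hash with the stored pin."""
    actual = hashlib.sha256(spki_der(cert)).hexdigest()
    return hmac.compare_digest(actual, expected_sha256_hex.lower())


def _enc(tag, body=b""):
    """Tiny DER encoder, used only to build the constructed sample certificates."""
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + body


def sample_cert(key_bytes, serial=1):
    """Constructed certificate skeleton (not a real certificate) carrying key_bytes."""
    spki = _enc(0x30, _enc(0x30) + _enc(0x03, b"\x00" + key_bytes))
    tbs = _enc(0x30, _enc(0xA0, _enc(0x02, b"\x02")) + _enc(0x02, bytes([serial]))
               + _enc(0x30) * 4 + spki)
    return _enc(0x30, tbs + _enc(0x30) + _enc(0x03, b"\x00"))


PIN = hashlib.sha256(spki_der(sample_cert(b"\x11" * 140))).hexdigest()  # constructed pin
```

A certificate re-issued for the same key still matches the pin, while any certificate carrying a different key fails regardless of who issued it, so the stored value has to be updated whenever the server's key changes.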