Configuring Active Directory Integration

To configure Active Directory integration, follow these steps:

  1. Go to Settings > General > Users & Roles.

  2. Select the AD Domains tab and then click the "+" icon.

  3. The Active Directory Configuration Wizard opens. Proceed as follows:

    1. In the Domain name box, enter the domain name.

    2. In the Preferred DC hostname/IP box, enter the name of the preferred domain controller or its IP address.

    3. Optionally, you can enter the name of the preferred Active Directory groups in the Prioritized integrated groups box.

      Note
      If a user is a member of two or more Active Directory groups, enter the prioritized group’s name in this field.

    4. In the Domain user login box, enter the username that will be applied when integrating Active Directory.

    5. In the Domain user password box, enter the user password that will be applied when integrating Active Directory.

    6. Optionally, enable Use LDAPS option. If checked, port 636 is used for LDAP (Lightweight Directory Access Protocol) over SSL.

    7. Refresh AD information every: Specify a periodicity of refreshing Active Directory information.

    8. In case Active Directory integration was successfully completed before, you can optionally click Remove AD Integration to cancel the AD integration.

      Note

      The Remove AD Integration option is disabled if AD integration is not configured.

    9. Click Apply after you're done.

    10. On the Users page of the wizard, proceed with adding an Active Directory user.

Notes

  • You can add up to 10 AD domains and up to 5.000 AD groups to your solution. Refer to Navigating AD Domains View and Navigating AD Groups View for more details about how to work with AD domains and groups.

  • A new domain must be assigned a unique name.

  • A new AD domain will be added to the list of Active Directory domains and displayed for the corresponding user on the Users tab.

  • After a new AD domain is added, new AD groups that belong to this domain are created.

  • After the existing AD domain is edited/changed, the AD groups that belong to this domain are edited/changed accordingly, for example:

    • If the AD groups are no longer associated with any AD domain, they are deleted.

    • After the items belonging to the AD groups marked as deleted are removed from the product (for example, by another user), these AD groups are deleted.

When the wizard closes, the Users & Roles page opens, displaying the newly-added Active Directory users in the list of users.