This article will help you manually integrate Microsoft Active Directory. This guide should only be followed if directed to do so by Checkbox Support.
Step 1 - Add AD Connection String to <connectionStrings> Section
Open the web.config file in the API folder, scroll to the <connectionStrings> section, and add the appropriate value.
Step 2 - Populate the AD Membership section
Scroll to the Active Directory Membership section and populate the settings with values.
Here is an example of a populated AD Membership section:
Here is a list of definitions/information for the values therein:
defaultProvider – name of AD provider from the <providers> list which will be used. Checkbox 7 does not support multiple providers. Just one from the list will work.
userIsOnlineTimeWindow – time before user will logged out from AD if no activity.
Provider properties:
name – that name will be used in API as contact source name.
type – should not be changed
connectionStringName – string to use from <connectionStrings> section “connectionProtection” – secure or none (if SSL is being used)
connectionUsername – connection user to access
connectionPassword” – connection password
“attributeMapUsername” – mapping of username in AD
enableSearchMethods – should be “true”, application uses AD search
cacheAdGroups – should AD entries be cached. “Configs/Caching.config” contains some detals.
Step 3 - Populate Role Provider Section
Scroll to the Active Directory Role Provider Section and populate the settings with values.
Here is an example of a populated AD Role Provider Section:
Additional Notes:
-
The 'Provider name' value is not used anywhere in the application.
-
domainDn should correspond to the AD connection string (OU and DC entries) of the AD
Membership Provider
-
roleMappings setting maps AD groups to Checkbox roles, so every user in the group obtains the specified role. The syntax should be: "Domain Users=Respondent,Domain Users=Report Viewer,Administrators=System Administrator,checkbox.dev=Survey Administrator"
-
The applyDefaultRolesToUsersWithNoMappedRoles setting is no longer used, as Checkbox 7 always grants “Respondent” and “Report Viewer” roles for all unmapped users.
0 Comments