Checkbox 7 - Manual Active Directory Integration Instructions

Avatar
Colin
Follow

This article will help you manually integrate Microsoft Active Directory. This guide should only be followed if directed to do so by Checkbox Support.

 

Step 1 - Add AD Connection String to <connectionStrings> Section

Open the web.config file in the API folder, scroll to the <connectionStrings> section, and add the appropriate value.

 connectionstringimage.png

 

Step 2 - Populate the AD Membership section

 Scroll to the Active Directory Membership section and populate the settings with values.

ADmembershipimage.png

Here is an example of a populated AD Membership section:

ADmembershipexample.png

Here is a list of definitions/information for the values therein:

defaultProvider – name of AD provider from the <providers> list which will be used. Checkbox 7 does not support multiple providers. Just one from the list will work.

userIsOnlineTimeWindow – time before user will logged out from AD if no activity.

Provider properties:
name – that name will be used in API as contact source name.

type – should not be changed

connectionStringName – string to use from <connectionStrings> section “connectionProtection” – secure or none  (if SSL is being used)

connectionUsername – connection user to access

connectionPassword” – connection password

attributeMapUsername” – mapping of username in AD

enableSearchMethods – should be “true”, application uses AD search

cacheAdGroups – should AD entries be cached. “Configs/Caching.config” contains some detals.

 

Step 3 - Populate Role Provider Section

  Scroll to the Active Directory Role Provider Section and populate the settings with values.

roleproviderimage.png

 Here is an example of a populated AD Role Provider Section:

roleproviderexample.png

Additional Notes:

  • The 'Provider name' value is not used anywhere in the application.

  • domainDn should correspond to the AD connection string (OU and DC entries) of the AD

    Membership Provider

  • roleMappings setting maps AD groups to Checkbox roles, so every user in the group obtains the specified role. The syntax should be: "Domain Users=Respondent,Domain Users=Report Viewer,Administrators=System Administrator,checkbox.dev=Survey Administrator"

  • The applyDefaultRolesToUsersWithNoMappedRoles setting is no longer used, as Checkbox 7 always grants “Respondent” and “Report Viewer” roles for all unmapped users.

 

**All of the previous steps must be repeated for the Checkbox Service config file**

0 Comments

Article is closed for comments.