Checkbox 7 - Manual Active Directory Integration Instructions

This article will help you manually integrate Microsoft Active Directory. This guide should only be followed if directed to do so by Checkbox Support.


Step 1 - Add AD Connection String to <connectionStrings> Section

Open the web.config file in the API folder, scroll to the <connectionStrings> section, and add the appropriate value.



Step 2 - Populate the AD Membership section

 Scroll to the Active Directory Membership section and populate the settings with values.


Here is an example of a populated AD Membership section:


Here is a list of definitions/information for the values therein:

defaultProvider – name of AD provider from the <providers> list which will be used. Checkbox 7 does not support multiple providers. Just one from the list will work.

userIsOnlineTimeWindow – time before user will logged out from AD if no activity.

Provider properties:
name – that name will be used in API as contact source name.

type – should not be changed

connectionStringName – string to use from <connectionStrings> section “connectionProtection” – secure or none  (if SSL is being used)

connectionUsername – connection user to access

connectionPassword” – connection password

attributeMapUsername” – mapping of username in AD

enableSearchMethods – should be “true”, application uses AD search

cacheAdGroups – should AD entries be cached. “Configs/Caching.config” contains some detals.


Step 3 - Populate Role Provider Section

  Scroll to the Active Directory Role Provider Section and populate the settings with values.


 Here is an example of a populated AD Role Provider Section:


Additional Notes:

  • The 'Provider name' value is not used anywhere in the application.

  • domainDn should correspond to the AD connection string (OU and DC entries) of the AD

    Membership Provider

  • roleMappings setting maps AD groups to Checkbox roles, so every user in the group obtains the specified role. The syntax should be: "Domain Users=Respondent,Domain Users=Report Viewer,Administrators=System Administrator, Administrator"

  • The applyDefaultRolesToUsersWithNoMappedRoles setting is no longer used, as Checkbox 7 always grants “Respondent” and “Report Viewer” roles for all unmapped users.


**All of the previous steps must be repeated for the Checkbox Service config file**


Article is closed for comments.