Active Directory Security Groups: Difference between revisions
No edit summary |
No edit summary |
||
| Line 7: | Line 7: | ||
3. Configure the following properties for the user: | 3. Configure the following properties for the user: | ||
- User ID | - User ID: The User ID must be set to #AD_TEMPLATE_USER#. | ||
- Location Name | - Location Name:The default location that you want to be applied when a new user is added to TraCS. | ||
- Encryption Key | - Encryption Key: The default encryption key to apply to new TraCS users. Defaults to UniversalKey. | ||
| Line 33: | Line 33: | ||
8. Apply settings in the editor and restart the application pool once complete. | 8. Apply settings in the editor and restart the application pool once complete. | ||
===Settings=== | |||
Mobile Units must have LoginType=ActiveDirectoryPrompt | |||
[[Image: ADMobileSettings.jpg]] | |||
Office Units (servers) must have LoginType=ActiveDirectory | |||
*If changing a web server's log in type you must restart the application pool | |||
[[Image: ADOfficeSettings.jpg]] | |||
Revision as of 09:59, 6 November 2024
Create Template User
1. Open the User Editor
2. Click the Add User button.
3. Configure the following properties for the user:
- User ID: The User ID must be set to #AD_TEMPLATE_USER#.
- Location Name:The default location that you want to be applied when a new user is added to TraCS.
- Encryption Key: The default encryption key to apply to new TraCS users. Defaults to UniversalKey.
Update Database Connection Settings
TraCS staff will have to do this for you on your Web server.
1. Add a connection string called 'Active Directory' under Other
2. Enter LDAP string like 'ldap://domainservername'
3. Set the LoginGroup to 'TraCSLogin'
4. Access Levels set to 'True'
5. Associated Users set to 'True'
6. User Groups set to 'False'
7. You may or may not need to enter log in credentials.
8. Apply settings in the editor and restart the application pool once complete.
Settings
Mobile Units must have LoginType=ActiveDirectoryPrompt
Office Units (servers) must have LoginType=ActiveDirectory
- If changing a web server's log in type you must restart the application pool
Active Directory Groups
Create the following groups in Active Directory (AD):
TraCS Records
TraCS Reporter
TraCS Supervisor
TraCS System Admin
TraCSAccessLevelRecords
TraCSAccessLevelReporter
TraCSAccessLevelSupervisor
TraCSAccessLevelSystemAdmin
TraCSAUAll Users_Records
TraCSAUAll Users_Reporter
TraCSAUAll Users_Supervisor
TraCSAUAll Users_SystemAdmin
TraCSGroupAll Users
TraCSLogin
Existing AD Users (or existing AD groups) will be a member of one of these AD Security Groups:
TraCS Records
TraCS Reporter
TraCS Supervisor
TraCS System Admin
Each of these TraCS AD Security groups will be a member of:
TraCS Records
Member of:
TraCSAccessLevelRecords
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCS Reporter
Member of:
TraCSAccessLevelReporter
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCS Supervisors
Member of:
TraCSAccessLevelRecords
TraCSAccessLevelReporter
TraCSAccessLevelSupervisor
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCSAUAll Users_Reporter
TraCSAUAll Users_Supervisor
TraCS SystemAdmin
Member of:
TraCSAccessLevelRecords
TraCSAccessLevelReporter
TraCSAccessLevelSupervisor
TraCSAccessLevelSystemAdmin
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCSAUAll Users_Reporter
TraCSAUAll Users_Supervisor
TraCSAUAll Users_SystemAdmin
Sample User (Records)
