Active Directory Security Groups: Difference between revisions
No edit summary |
No edit summary |
||
| Line 55: | Line 55: | ||
Create the following groups in Active Directory (AD): | Create the following groups in Active Directory (AD): | ||
TraCS Records | '''Sample User (Records)''' | ||
[[File:ADSampleUser.png]] | |||
TraCS Records | |||
TraCS Reporter | |||
TraCS RecordsDataEntry | |||
TraCS Supervisor | |||
TraCS System Admin | |||
TraCSAccessLevelRecords | |||
TraCSAccessLevelReporter | |||
TraCSAccessLevelRecordsDataEntry | |||
TraCSAccessLevelSupervisor | |||
TraCSAccessLevelSystemAdmin | |||
TraCSAUAll Users_Records | |||
TraCSAUAll Users_Reporter | |||
TraCSAUAll Users_RecordsDataEntry | |||
TraCSAUAll Users_Supervisor | |||
TraCSAUAll Users_SystemAdmin | |||
TraCSGroupAll Users | |||
TraCSLogin | |||
Existing AD Users (or existing AD groups) will be a member of one of these AD Security Groups: | Existing AD Users (or existing AD groups) will be a member of one of these AD Security Groups: | ||
TraCS Records | TraCS Records | ||
TraCS Reporter | |||
TraCS RecordsDataEntry | |||
TraCS Supervisor | |||
TraCS System Admin | |||
Each of these TraCS AD Security groups will be a member of | |||
'''TraCS Records''' | |||
''Member of:'' | |||
TraCSAccessLevelRecords | |||
TraCSGroupAll Users | |||
TraCSLogin | |||
TraCSAUAll Users_Records | |||
'''TraCS Reporter''' | |||
''Member of:'' | |||
TraCSAccessLevelReporter | |||
TraCSGroupAll Users | |||
TraCSLogin | |||
TraCSAUAll Users_Records | |||
'''TraCS RecordsDataEntry | |||
''' | |||
''Member of:'' | |||
TraCSAccessLevelRecordsDataEntry | |||
TraCSAccessLevelRecordsDataEntry | |||
TraCSGroupAll Users | |||
TraCSLogin | |||
TraCSAUAll Users_RecordsDataEntry | |||
'''TraCS | '''TraCS Supervisors''' | ||
''' | ''Member of:'' | ||
TraCSAccessLevelRecords | |||
TraCSAccessLevelReporter | |||
TraCSAccessLevelCitationReporter | |||
TraCSAccessLevelWarningReporter | |||
TraCSAccessLevelSupervisor | |||
TraCSGroupAll Users | |||
TraCSLogin | |||
TraCSAUAll Users_Records | |||
TraCSAUAll Users_Reporter | |||
TraCSAUAll Users_CitationReporter | |||
TraCSAUAll Users_WarningReporter | |||
TraCSAUAll Users_Supervisor | |||
'''TraCS SystemAdmin''' | |||
''Member of:'' | |||
TraCSAccessLevelRecords | |||
TraCSAccessLevelReporter | |||
TraCSAccessLevelCitationReporter | |||
TraCSAccessLevelWarningReporter | |||
TraCSAccessLevelSupervisor | |||
TraCSAccessLevelSystemAdmin | |||
TraCSGroupAll Users | |||
TraCSLogin | |||
TraCSAUAll Users_Records | |||
TraCSAUAll Users_Reporter | |||
TraCSAUAll Users_CitationReporter | |||
TraCSAUAll Users_WarningReporter | |||
TraCSAUAll Users_Supervisor | |||
TraCSAUAll Users_SystemAdmin | |||
Revision as of 10:05, 6 November 2024
Create Template User
1. Open the User Editor
2. Click the Add User button.
3. Configure the following properties for the user:
- User ID: The User ID must be set to #AD_TEMPLATE_USER#.
- Location Name:The default location that you want to be applied when a new user is added to TraCS.
- Encryption Key: The default encryption key to apply to new TraCS users. Defaults to UniversalKey.
Update Database Connection Settings
TraCS staff will have to do this for you on your Web server.
1. Add a connection string called 'Active Directory' under Other
2. Enter LDAP string like 'ldap://domainservername'
3. Set the LoginGroup to 'TraCSLogin'
4. Access Levels set to 'True'
5. Associated Users set to 'True'
6. User Groups set to 'False'
7. You may or may not need to enter log in credentials.
8. Apply settings in the editor and restart the application pool once complete.
Settings
File path/name: C:\ProgramData\TraCS\Settings\Settings.ini
Mobile Units must have LoginType=ActiveDirectoryPrompt
Office Units (servers) must have LoginType=ActiveDirectory
- If changing a web server's log in type you must restart the application pool
Active Directory Groups
Create the following groups in Active Directory (AD):
Sample User (Records)
TraCS Records
TraCS Reporter
TraCS RecordsDataEntry
TraCS Supervisor
TraCS System Admin
TraCSAccessLevelRecords
TraCSAccessLevelReporter
TraCSAccessLevelRecordsDataEntry
TraCSAccessLevelSupervisor
TraCSAccessLevelSystemAdmin
TraCSAUAll Users_Records
TraCSAUAll Users_Reporter
TraCSAUAll Users_RecordsDataEntry
TraCSAUAll Users_Supervisor
TraCSAUAll Users_SystemAdmin
TraCSGroupAll Users
TraCSLogin
Existing AD Users (or existing AD groups) will be a member of one of these AD Security Groups:
TraCS Records
TraCS Reporter
TraCS RecordsDataEntry
TraCS Supervisor
TraCS System Admin
Each of these TraCS AD Security groups will be a member of
TraCS Records
Member of:
TraCSAccessLevelRecords
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCS Reporter
Member of:
TraCSAccessLevelReporter
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCS RecordsDataEntry
Member of:
TraCSAccessLevelRecordsDataEntry
TraCSAccessLevelRecordsDataEntry
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_RecordsDataEntry
TraCS Supervisors
Member of:
TraCSAccessLevelRecords
TraCSAccessLevelReporter
TraCSAccessLevelCitationReporter
TraCSAccessLevelWarningReporter
TraCSAccessLevelSupervisor
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCSAUAll Users_Reporter
TraCSAUAll Users_CitationReporter
TraCSAUAll Users_WarningReporter
TraCSAUAll Users_Supervisor
TraCS SystemAdmin
Member of:
TraCSAccessLevelRecords
TraCSAccessLevelReporter
TraCSAccessLevelCitationReporter
TraCSAccessLevelWarningReporter
TraCSAccessLevelSupervisor
TraCSAccessLevelSystemAdmin
TraCSGroupAll Users
TraCSLogin
TraCSAUAll Users_Records
TraCSAUAll Users_Reporter
TraCSAUAll Users_CitationReporter
TraCSAUAll Users_WarningReporter
TraCSAUAll Users_Supervisor TraCSAUAll Users_SystemAdmin