Preparing to use the Active Directory Module

Information

This article goes over the prerequisites for using the Active Directory Module in Issuetrak.  If you are instead interested in using AD Federation Services, click here


Verifying AD information

Organizations within Issuetrak are generally used to represent companies and/or companies’ customers. Every Issuetrak user must be associated with an organization. The AD module allows you to map AD Groups/OUs to specific organizations, so make sure there is an AD Group or OU with the appropriate users ready to map.

Within Issuetrak, departments and locations are optional values to associate with a user. The AD module looks for an exact match within the AD Department to match to the Issuetrak Department Name, and from the AD Office to match to the Issuetrak Location ID. If those fields aren’t filled out in AD, then as long as the users are associated to AD Groups/OUs that define their department and location membership, those values can be mapped as well.

Single Sign On in the Cloud is currently only possible with AD Federation Services. 


Establishing server specifications

Each AD server that communicates with Issuetrak needs to be accessible from the Web server hosting Issuetrak. In addition, you will need:

  • The server’s computer name, DNS name, or IP address may be used. However, we recommend using computer or DNS name whenever possible.
  • The fully distinguished domain name and password of the “connection user.” This user must have read-only permissions to all AD user properties.
  • Server 2012 or higher with Active Directory MUST set up their connection user to have an accountID that matches their displayname, so that the distinguished name of the user can be parsed to get the accountID.
  • The Search Order for the server if multiple AD servers exist within this domain. Search order defines the order multiple AD servers within the same domain are searched for user matches.
  • The SSL port number and the Global Catalog (GC) SSL port number if it is going to be used when connecting to this server. Issuetrak will set the defaults to SSL port 636 and GC SSL Port 3269.

Please see KB Article #1504 in our Support Site for instructions on determining the fully distinguished name of the connection user.

Collect these values for each AD server that will be communicating with Issuetrak. Should you need assistance with this task, please contact our Support Team at 757-213-1351, support@issuetrak.com or https://support.issuetrak.com.