When the Active Directory (AD) Module is included in your license key, it still needs to be activated in order to be used. Only users with the Sys Admin parameter can activate the module.
- Click the gear icon in the upper right > click Features beneath System.
- Select the Integrate/Authenticate users with Active Directory in the Identity Management section.
- (Optional) Select Allow single sign on functionality.
- (Optional) Select Update existing AD users on login. This will check for and update the user each time they log into Issuetrak.
- Click Update to save the new settings.
A confirmation message will appear when this process is complete and the Identity Management options will become active in the Settings Lightbox.
Deactivating AD within Issuetrak
You may want to deactivate AD integration under certain circumstances, which will preclude the use of all forms of AD authentication with your instance of Issuetrak.
- Sign into Issuetrak with a Sys Admin account.
- Click the gear icon in the upper right > click on Features beneath System.
- Scroll down to Identity Management.
- Uncheck the box next to "Integrate/Authenticate users with Active Directory".
- Click Update.
Immediately after the AD Module is activated, you must activate Issuetrak Authentication within the user record of any Issuetrak user who will be performing the preparation and/or configuration tasks. Without this parameter, configuration users risk potential lockout. This parameter tells Issuetrak not to authenticate a user by AD. It only appears once the AD Module is activated.
- Click the gear icon in the upper right > click Users beneath Entities > click either List or Search in the right context menu. (whichever screen you work in most comfortably).
- Locate the user record of the configuration user.
- Click the edit link that appears next to the user ID.
- Select Issuetrak Authentication in the Parameters section of the Edit User screen.
- Click Update to save the new parameter.
A confirmation message will appear when this process is complete.
Repeat these steps for each user involved in the configuration process. Once the configuration is complete, this parameter may be removed. Any user with the Sys Admin parameter or Can access and maintain Administration functions can update the user.
Additionally, if you have any non-AD users already entered into your site, you can activate the Issuetrak Authentication parameter for them at any time. They will be locked out until that parameter is set.
AD Single Sign On (SSO)
If Single Sign On was activated during preparation, related settings must now be updated for this to function properly if you intend to use AD SSO. In some cases, browser settings may need to be updated at the user level. There are a series of KB articles on our Support site to assist. AD Federation Services and Azure AD do not require additional changes for SSO to work, and is incompatible with the IIS authentication settings that are required to make AD SSO work.
- You can learn how to configure AD SSO here.