Configuring the Active Directory Module

Information

Now that the preliminary steps are completed, you can go ahead and begin the actual set up of the Active Directory Module. This can only be performed by an Issuetrak user with the “Can access and maintain Administration functions” permission or the “Sys Admin” parameter and must be repeated for each AD server that will be communicating with Issuetrak.

It is necessary to activate the Active Directory module before any of these settings can be adjusted.  You can learn how to do that here.


Adding specifications of the AD server

Steps:

  1. Navigate to Administration > Active Directory > Server List > Add.

  1. Enter the computer name or DNS name in the Server field.
  2. Enter the fully distinguished domain name of the connection user in the User DN field.
  3. Fill the User ID field in Domain\Username format. 
  4. Enter the password for the connection user in the field provided.
  5. Verify the domain in which the server resides appears accurately in the field provided. This field pre-populates as the connection user is entered. If the domain which appears is incorrect, the User DN is incorrect.
  6. If multiple AD servers exist within this domain, enter the search order for this server.
  7. If SSL should be used when connecting to this server, select Use SSL and enter the SSL port number and Global Catalog SSL port number in the fields provided.
  8. Click Update to save these settings. The message “Server successfully added” will appear when the record has been saved.
  9. Click Test Connection.

A Connection Test window should appear and the message “Connection Test Successful” should be displayed at the bottom. If so, close the Connection Test window. You will be returned to the Active Directory Server Information screen where you can complete the mapping.

If the message “Connection failed” is displayed instead, the specification(s) causing the failure should be identified in red within the Connection Test window. Attempt to correct these specifications in the Active Directory Server Information screen, then click Update. Test the connection again. 


 

Enable Logging

In the event that you're not able to achieve a successful connection test with the AD settings you've specified, you can enable logging that will capture event detail relating to clicking on the Test Connection button.

Steps:

  1. On your site's Web server navigate to your site's web folder, then navigate to its \Core\App_Data folder.
  2. Edit the NLog.config file.
  3. Do a CTRL-F and search for the string:  writeTo="ActiveDirectoryLogFile
  4. Only one line will be found.  It should look like this:
     
    <logger name="*" levels="Info" writeTo="ActiveDirectoryLogFile" enabled="false" />
    Perform the following actions on that line:
    1. Change Info to Trace.
    2. Change False to True.
  5. Save the file.
  6. Within Issuetrak's Active Directory settings, click the Test Connection button again. A log file should be generated within \Core\App_Data\Logs. This should provide information that can help with troubleshooting the connectivity problem.

When you no longer need logging enabled for this, it is recommended to revert the changes you made above.

If you are unable to achieve a successful connection after following the steps above, please contact our Support Team for assistance.


 

Mapping User Attributes

Steps:

  1. Scroll to the Determining User Permissions section of the Active Directory Server Information screen.

  1. Enter an appropriate Group/OU in the field provided for Active Directory Group/OU.
  2. Click the magnifying glass next to the EndUser Template field to select the End User template.
  3. Click Add. A confirmation message will appear when this process is complete.
  4. (Optional) If role-based Groups/OUs and templates were established during preparation, repeat to map each role-based Group/OU on this server to its corresponding user template.

 

Mapping Organizations

In order for Organization values to be mapped/matched to AD values, these entities must be created in Issuetrak first. This can only be performed by someone with the “Can access and maintain Administration functions” permission or the “Sys Admin” parameter.  Please reference the Managing Organizations article for instructions.

Steps:

  1. Scroll to the Determining Organization section of the Active Directory Server Information screen.

  1. Enter an appropriate Group/OU in the field provided for Active Directory Group/OU.
  2. Click the magnifying glass in the Issuetrak Organization field to select the Organization to map to.
  3. Click Add. A confirmation message will appear when this process is complete.
  4. (Optional) If you have additional organizations that you need to include, repeat to map each Group/OU on this server to its corresponding organization.

 

Mapping Locations

In order for Locations values to be mapped/matched to AD values, these entities must be created in Issuetrak first. This can only be performed by someone with the “Can access and maintain Administration functions” permission or the “Sys Admin” parameter.  Please reference the Managing Locations article for instructions.

Steps:

  1. Scroll to the Determining Location section of the Active Directory Server Information screen.

  1. Enter an appropriate Group/OU in the field provided for Active Directory Group/OU.
  2. Click the magnifying glass in the Issuetrak Location field to select the location to map to.
  3. Click Add. A confirmation message will appear when this process is complete.
  4. (Optional) If you have additional locations that you need to include, repeat to map Group/OU on this server to its corresponding location.

 

Mapping Departments

In order for Departments values to be mapped/matched to AD values, these entities must be created in Issuetrak first. This can only be performed by someone with the “Can access and maintain Administration functions” permission or the “Sys Admin” parameter.  Please reference the Managing Departments article for instructions.

Steps:

  1. Scroll to the Determining Department section of the Active Directory Server Information screen.

  1. Enter an appropriate Group/OU in the field provided for Active Directory Group/OU.
  2. Click the magnifying glass in the Issuetrak Department field to select the department to map to.
  3. Click Add. A confirmation message will appear when this process is complete.
  4. (Optional) If you have additional departments that you need to include, repeat to map each Group/OU on this server to its corresponding department.

 

Performing a Search Test

Steps:

  1. Scroll to the Search Test section of the Active Directory Server Information screen.

 

  1. Enter an AD User ID from this server in the field provided. (Password is not required)
  2. Click Search.

A User Search Test window should appear. The user's organization and any other Issuetrak-related memberships or corresponding templates will be displayed in the grid towards the bottom. If this information has been transferred correctly, close the User Search Test window.

If this information has not been transferred correctly, review the details of the User Search Test window to ensure the user has the appropriate memberships within AD. Then verify all the determining memberships are mapped correctly in the Active Directory Server Information screen. Then try to perform a Search Test on the user again. If you are still encountering difficulty with getting the correct information to display, please contact our Support Team for assistance at 757-213-1351, support@issuetrak.com or https://support.issuetrak.com.