Print this page
In this topic
Active Directory is a tool used to group and store user accounts and case groups. Active Directory stores information in organizational units, similar to the folder structure in Microsoft Windows Explorer.
System administrators authenticate Active Directory with Ringtail, which minimizes the need to manage Active Directory users in Active Directory. As a system administrator, you can import Active Directory users into Ringtail and add new Ringtail users to Active Directory. Portal administrators can import users, but the system administrator designates one Active Directory organizational unit to which portal administrators have access.
You can configure the Active Directory case group and organizational unit in Ringtail on the Active Directory Settings page. You can also enable or disable the self-service password system and the domain user import feature.
Note: Authenticate only one Active Directory at a time with Ringtail.
The following list describes the available features and tasks when you authenticate with Active Directory:
●Self-service password system: If you incorporate a self-service password system, configure Active Directory to work with the system. The self-service password system can be enabled or disabled.
●Domain user import: Import Active Directory users into Ringtail. For information about domain user import, see Import users by domain. The domain user import feature can be enabled or disabled.
●Add users to Active Directory: Add new Ringtail users to Active Directory. You can also add existing Ringtail users from each user's profile page.
●Add users to the Active Directory case group: Use this group to manage file repository hare permissions. Only one Active Directory case group exists per case.
To work with Active Directory, Ringtail authenticates with the Active Directory account. A system administrator configures the authentication settings on the Active Directory Settings page.
●To activate the self-service password and domain user import features, you need the following:
oDomain name: The name of the Active Directory domain to which you want to connect.
oDomain service account: The name of the Active Directory account you use to add and edit Active Directory users. For the self-service password feature to work with Active Directory, the Active Directory administrator gives the account write permissions. To enable the domain user import feature, the account needs only read access.
oDomain service account password: Create a password for the domain service account.
●To add Ringtail users to Active Directory and to an Active Directory case group, you need the following:
oOrganizational unit for user storage with write permissions: The organizational unit in which Active Directory stores user accounts. The Active Directory administrator grants write permissions to this organizational unit to the domain service account.
oOrganizational unit for the Active Directory case group with write permissions: The case group organizational unit in which Active Directory stores user groups. Ringtail stores all imported user groups in the case group organizational unit that you select. The names of the case group organizational units derive from the names of the Ringtail cases to which you have access. When administrators assign users to cases, Ringtail automatically places the users in the selected case group organizational unit and in the corresponding case group organizational unit in Active Directory. The Active Directory administrator grants write permissions for the domain service account to the case group organizational unit.
Use the following procedure to configure the Active Directory settings.
1.On the Portal Home page, under Portal Management, click User Administration.
2.In the navigation pane, click Active Directory Settings.
Note: You will not see the Active Directory Settings page if your portal is configured to use Ringtail authentication.
3.Type the Domain name.
4.Type the Domain service account. Ringtail uses the account to access Active Directory.
5.Type the Domain password, and then click Test to authenticate the domain.
6.Optionally, do any of the following:
oTo enable the password self service system for users, select the Enable users to access password self service check box. To disable the system, clear the check box.
oTo enable the domain user import feature, do the following:
i.Select the Enable users to be imported from domain check box.
ii.When importing, portal administrators can access one organizational unit only. Under Organizational Unit accessible to Portal Administrators, select the organizational unit that the portal administrators can access.
oTo allow new or imported Ringtail users to be automatically added to Active Directory, do the following:
i.Select the Add Ringtail users to Active Directory check box.
ii.Under Store users in this Organizational Unit, select the organizational unit in which to store user accounts.
oTo allow for the addition of Ringtail users to an Active Directory case group, do the following:
i.Select the Create Active Directory group check box.
ii.Under Store group in this Organizational Unit, select the organizational unit in which to store the Active Directory case group.
7.Click Save.
Use the following procedures to add Ringtail users to Active Directory.
When creating a new Ringtail user, you have the option to add the user to Active Directory. For information about creating new Ringtail users, see Create new users.
You can add an existing user to Active Directory from the user's profile page. You can also reinstate a deleted Ringtail user and add the user to Active Directory.
Use the following procedure to add a user to Active Directory.
1.On the Portal Home page, under Portal Management, click User Administration.
2.In the navigation pane, click Users or Deleted users. For portal administrators, when organization security is enabled, the list of available items depends on portal administrator membership, if any, in provider or client organizations. To understand how organizations are managed in Ringtail, see Organizations. For a summary of how organization security affects portal access for each Ringtail user category, see Portal security table.
3.Click the name of the user.
Note: The User is not in Active Directory section only appears on the Profile page if the user is not currently in Active Directory and your environment is configured for Windows authentication.
4.If adding a deleted Ringtail user to Active Directory, select the Reinstate this user check box.
5.Select the Add this user to Active Directory check box.
6.Click Save.
You can add multiple Ringtail users to Active Directory from a list of Ringtail users that are not in Active Directory. Ringtail creates a report detailing the changes made to each user.
Caution: The report contains sensitive information, including user passwords.
Use the following procedure to add multiple Ringtail users to Active Directory.
1.On the Portal Home page, under Portal Management, click User Administration.
2.On the Users page, click More and then select Reconcile Ringtail users with Active Directory.
3.In the Reconcile Ringtail users with Active Directory dialog box, select users. For portal administrators, when organization security is enabled, the list of available items depends on portal administrator membership, if any, in provider or client organizations. To understand how organizations are managed in Ringtail, see Organizations. For a summary of how organization security affects portal access for each Ringtail user category, see Portal security table.
4.Click OK.
5.Open or save the report.
You can add or remove users in an Active Directory case group. You can also create a report detailing the changes made to each user.
Use the following procedure to add or remove users in an Active Directory case group.
1.On the Portal Home page, under Portal Management, click User Administration.
2.On the Users page, click More and then select Reconcile Active Directory group.
3.In the Reconcile Active Directory group window, select an Active Directory case group and click Next.
Note: The case names that appear on the Select Case page are the same as the Active Directory case group names. Ringtail derives the Active Directory case group names from case names.
4.In the list of users on the Select Users page, select the users to add to or remove from the Active Directory case group. For portal administrators, when organization security is enabled, the list of available items depends on portal administrator membership, if any, in provider or client organizations. To understand how organizations are managed in Ringtail, see Organizations. For a summary of how organization security affects portal access for each Ringtail user category, see Portal security table.
The Actions column contains one of the following status messages, which indicates if the user can be removed or added:
oRemove from Active Directory group: The user is assigned to the Active Directory case group. You can remove this user.
oAdd to Active Directory group: The user is not assigned to the Active Directory case group. You can add this user.
5.Click Next.
6.Select the optional Download report check box to create a report of the users you added or removed.
7.Click Finish.
8.If you created a report, open or save it.