When the Active Directory (AD) Module is included in your license key, it still needs to be activated in order to be used. Only users with the Sys Admin parameter can activate the module.
- Navigate to Administration > System > System Settings, then click Features in the left-hand submenu.
- Select the Integrate/Authenticate users with Active Directory in the Identity Management section.
- (Optional) Select Allow single sign on functionality.
- (Optional) Select Update existing AD users on login. This will check for and update the user each time they log into Issuetrak.
- Click Update to save the new settings.
A confirmation message will appear when this process is complete. The Identity Management menu option will now appear in the Administration menu.
Immediately after the AD Module is activated, you must activate Issuetrak Authentication within the user record of any Issuetrak user who will be performing the preparation and/or configuration tasks. Without this parameter, configuration users risk potential lockout. This parameter tells Issuetrak not to authenticate a user by AD. It only appears once the AD Module is activated.
- Navigate to Administration > Users > List All or Administration > Users > Search (whichever screen you work in most comfortably).
- Locate the user record of the configuration user.
- Click the edit link that appears next to the user ID.
- Select Issuetrak Authentication in the Parameters section of the Edit User screen.
- Click Update to save the new parameter.
A confirmation message will appear when this process is complete.
Repeat these steps for each user involved in the configuration process. Once the configuration is complete, this parameter may be removed. Any user with the Sys Admin parameter or Can access and maintain Administration functions can update the user.
Additionally, if you have any non-AD users already entered in your site, you can activate the Issuetrak Authentication parameter for them at any time. They will be locked out until that parameter is set.
AD Single Sign On (SSO)
If Single Sign On was activated during preparation, related settings must now be updated for this to function properly if you intend to use AD SSO. In some cases, browser settings may need to be updated at the user level. There are a series of KB articles in our Support site to assist. AD Federation Services does not require additional changes for SSO to work, and is incompatible with the IIS authentication settings that are required to make AD SSO work.
- You can learn how to configure AD SSO here.