...
- Import all users from your AD to the learning environment
- Synchronize the user's information (i) once a day (for all users) and (ii) everytime the user logs in the learning environment (for that specific user account)
- Authenticate the users directly against AD instead of verifying their username and password in the learning environment.
User Information
In order for AD authentication to work, the learning environment needs to import store some user information from AD. The learning environment requires for each user in its database. It therefore needs to import the following information (at a minimum) from AD for each user account:
- Username
- First name
- Last name
- Email address
...
- You must be using a single domain as the source of your authentication data in order for the integration to work. The use of multiple domains is not supported by the learning environment.
- You must accept SSL requests (LDAPS) from the learning environment on a secure port (usually port 636). This means that:
- Your firewall will need to allow requests from the learning environment over a secure port (usually port 636).
- You will need to provide Dual Code with a third-party or self-signed certificate. The connection between the two systems must be encrypted.
- You will need to create a non-privileged LDAP AD user account that will be used to bind the learning environment to AD. Make sure this account and its password do NOT expire. Should it expire, the synchronization and authentication of your users will no longer work.
...