...

Many hospitals and healthcare organizations use Active Directory (AD) to manage their users' credentials (username and password) and, to some extent, user profile information (i.e. first name, last name, group). The learning environment allows the synchronization and authentication of users against your organization's AD using the LDAP protocol. When enabled, the learning environment will:

  1. Import all users from your AD to the learning environment
  2. Synchronize the user's information (i) once a day (for all users) and (ii) every time the user logs in to the learning environment (for that specific user account)
  3. Authenticate the users directly against AD instead of verifying their username and password in the learning environment.

...

In order for AD authentication to work, the learning environment needs to store some user information in its database. At a minimum, it needs the following information from AD for each user account:

  • Username
  • First name
  • Last name
  • Email address

If this information is stored in your AD, then the learning environment can import it directly from AD. Otherwise, it can import it from your HRIS (Human Resources Information System) or even a CSV file. The source of the information is not important, but it is important that the information be available. The learning environment will not create user accounts if any of the above 4 fields are missing.

The rest of the information (i.e. job title, department, telephone) is optional and does not need to be imported into the learning environment. If you decide not to import additional information, however, please note that this information will not be available in the various reports and learning records available in the learning environment.

Assumptions

There are a couple of rules that need to be respected in order for the integration to work:

...

  1. You must accept SSL requests (LDAPS) from the learning environment on a secure port (usually port 636). This means that your firewall will need to allow requests from the learning environment over a secure port (usually port 636).
  2. You will need to create a non-privileged AD user account that will be used to bind the learning environment to AD. Make sure this account and its password do NOT expire. Should it expire, the synchronization and authentication of your users will no longer work.
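
The following pre-flight check is an added example, not part of the learning environment or its documentation. It runs over attributes already read from AD and flags a bind account that is disabled, can expire, or sits in a privileged group, and lists which of the four required fields a user entry lacks. The mapping of the page's fields to the AD attributes `sAMAccountName`, `givenName`, `sn` and `mail`, the privileged-group list, and the sample entries are assumptions.

```python
# Added example: pre-flight checks over attributes already read from AD via LDAPS.
# Attribute names are standard AD schema; mapping them to the page's fields is an assumption.
REQUIRED = {"Username": "sAMAccountName", "First name": "givenName",
            "Last name": "sn", "Email address": "mail"}

UAC_ACCOUNTDISABLE = 0x0002          # userAccountControl flag: account disabled
UAC_DONT_EXPIRE_PASSWORD = 0x10000   # userAccountControl flag: password never expires
NEVER_EXPIRES = {0, 0x7FFFFFFFFFFFFFFF}   # accountExpires values meaning "never"
# Hypothetical deny-list of privileged groups; adjust to your domain.
PRIVILEGED_GROUPS = {"domain admins", "enterprise admins", "administrators"}


def missing_fields(entry):
    """Return the page's required fields that are absent or blank in an entry."""
    return [label for label, attr in REQUIRED.items()
            if not str(entry.get(attr, "")).strip()]


def bind_account_problems(entry):
    """Return reasons the bind account would break or over-privilege the sync."""
    problems = []
    uac = int(entry.get("userAccountControl", 0))
    if uac & UAC_ACCOUNTDISABLE:
        problems.append("account is disabled")
    if not uac & UAC_DONT_EXPIRE_PASSWORD:
        problems.append("password can expire")
    if int(entry.get("accountExpires", 0)) not in NEVER_EXPIRES:
        problems.append("account has an expiry date")
    for dn in entry.get("memberOf", []):
        # Compare the first RDN value (the group's CN) against the deny-list.
        cn = dn.split(",")[0].partition("=")[2].lower()
        if cn in PRIVILEGED_GROUPS:
            problems.append(f"member of privileged group: {cn}")
    return problems


# Constructed sample entries (not real directory data).
SVC_GOOD = {"sAMAccountName": "svc-lms-bind", "userAccountControl": 0x10200,
            "accountExpires": 0x7FFFFFFFFFFFFFFF,
            "memberOf": ["CN=LMS Readers,OU=Groups,DC=example,DC=org"]}
SVC_BAD = {"sAMAccountName": "svc-old", "userAccountControl": 0x200,
           "accountExpires": 133500000000000000,
           "memberOf": ["CN=Domain Admins,CN=Users,DC=example,DC=org"]}
USER_INCOMPLETE = {"sAMAccountName": "jdoe", "givenName": "Jane", "sn": "Doe", "mail": " "}

if __name__ == "__main__":
    print(bind_account_problems(SVC_GOOD))
    print(bind_account_problems(SVC_BAD))
    print(missing_fields(USER_INCOMPLETE))
```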

...