Active Directory Integration

These instructions are for Active Directory that is installed on-premise. If you are using Azure AD, then please follow these instructions instead.

The Professional Edition of Staff.Wiki allows for integration with Active Directory so your users can use their Windows/network login credentials in order to login to Staff.Wiki. This makes it easier for your staff so they don't have to remember multiple passwords for different systems.

Note: Staff.Wiki must be on the same network as your Active Directory server for this to work. The application server machine must be joined to the domain you are using. If you are using the cloud Azure Active Directory, please follow these instructions instead.

To connect Staff.Wiki with your Active Directory server, you must be logged in as "admin". You will then go to the Configuration tab, and click on "Main Settings".

In there you will see an option called AD Server. Simply enter in the domain name of your AD Server in there. Once that is set, the next time someone logs in to Staff.Wiki, it will use the Active Directory server to authenticate them.

Note: If you want it to use multiple domains, please list the domains (with no spaces) each separated by a comma. It will then try to authenticate the user on each domain listed until it finds at least one that is successful.

Setting Permissions

If a user logs in to Staff.Wiki who has not previously logged in, or that hasn't had a user record created for them, the system will automatically create a user record for them and set them as an "End User", which is the lowest permission for accessing Staff.Wiki.

If a user record has been created for that user, then they will adopt the permission settings that were configured for them. Active Directory will only be used to verify the password.

Any administrator or User Manager will be able to go to their user record and modify their permissions by setting their Primary Role and other settings. Once this is changed, the user must log back in again to see those changes take affect.

Note: The "admin" login will not go through Active Directory for authentication. The password will always be managed in Staff.Wiki itself.

By default users will be kept logged in until:

  1. Their Windows password changes. If this occurs they will be asked to enter their password again.
  2. They haven't accessed Staff.Wiki for more than 7 days.

Enterprise Edition

If you wish to implement more sophisticated logic for determining your staff's permissions automatically based on settings in their Active Directory profile, you should consider discussing the Enterprise Edition with us, where we can assist you in customizing the authentication procedure. This will allow you to integrate with other forms of authentication, such as LDAP servers or through other databases, or create mechanisms such as self-signup for your users or clients.


Next Topic:
v6.0.0.14089
Up Since 2/28/2024 11:52:41 PM