Ensure that there are not any groups
inside the OU you specify for viewLinc. At present, nested groups are not supported by
viewLinc.
To be able to use the Active
Directory Sync feature, viewLinc requires that your Active Directory server uses a 2048-bit
RSA certificate.
Manage
System
You can simplify user authentication for
your viewLinc deployment by setting up Active Directory Link.
Before you start this task, you should have
already set up Active Directory (AD) with an organizational unit (OU), groups, and users.
You should also create a specific Active Directory user with limited permissions whose user
principal name (UPN) you will provide to allow viewLinc to access your AD server.
In System
Preferences select the Active Directory
Link tab.
Provide the appropriate details for the Active Directory connection:
Host name
Specifies the active directory domain name; must be fully qualified if the
connection type (the next field) is Secured or Kerberos. If you have multiple domain
controllers, do not specify the full server host name or you risk having viewLinc
importing only the group but not the users.
Connection type
Unsecured: Specifies unencrypted communication to the Active Directory.
Username and password are required.
Not recommended.
Secured: Specifies TLS-protected communication to the Active Directory.
Username and password are required.
Kerberos: Specifies Kerberos security to the Active Directory. Username
and password are not required. If omitted, the username and password applied to
the service will be used; if provided, the service will impersonate the
user.
Port number
Specifies the TCP port to connect on. For Unsecured connection types, 389 is the
default; for Secured or Kerberos connection types, the default is 636.
User principal name
Specifies the username used for authentication to the Active Directory. Must be in
UPN format: username@AD-domain
User password
Specifies the password for the UPN provided for Active Directory authentication.
Required for Unsecured or Secured connection type.
Server domain DN
Specifies the distinguished name of the Active Directory server name, in the
following format: dc=test,dc=local
Organization unit DN
Specifies the distinguished name of the organizational unit, in the following
format: ou=viewLinc, dc=test,dc=local
Synchronize every
Specifies how often to synchronize identity data from Active Directory to your
viewLinc server. If you do not specify a regular interval, you should manually click
the Sync now button after changes to the Active
Directory.
User authentication method
Specifies the authentication for users:
Domain: Use Windows
server authentication. User must have login privileges on the viewLinc
server.
Active Directory: Use Active Directory server authentication. User
doesn't require login privileges on the viewLinc server.
Provide the relevant details for the user property mapping:
Mobile
Name of the Windows property used to fetch the user's mobile number.
Email
Name of the Windows property used to fetch the user's email address.
viewLinc PIN
User's PIN for acknowledging alarms.
This property doesn't exist by
default, so you must create it in the Active Directory, if desired.
Preferred language
Name of the Windows property used to fetch the user's preferred language.
This property doesn't exist by
default, so you must create it in the Active Directory, if desired.
Send alarm notification
Name of the Windows property used to fetch the user's alarm notification setting.
This property doesn't exist
by default, so you must create it in the Active Directory, if desired.
Audible alarm notification
Name of the Windows property used to fetch the user's audible alarm setting.
This property doesn't exist by
default, so you must create it in the Active Directory, if desired.
Click the Test connection button to ensure that the details
provided are correct.