Integrating ONARKEN lockers with your Active Directory (AD) allows for seamless user authentication and efficient management of access permissions. To set up the integration, specific information is required to ensure proper configuration and functionality.
Required Information
- Host Address(es) / Name(s):
  - The address or hostname of your Active Directory server(s).
- Port Number:
  - The port used for communication with Active Directory (commonly 389 for LDAP or 636 for LDAPS).
- Active Directory Service Account:
  - An account with Full Read Access to your Active Directory. This account is used to query and retrieve user information.
- Base DN (Distinguished Name):
  - The root of the directory tree from which ONARKEN will search for user accounts. For example: OU=Users,DC=example,DC=com.
- Card Number Attribute:
  - The attribute in Active Directory that stores the user’s card number for authentication.
  - Note: If card numbers are not stored in AD, ONARKEN can prompt users to self-register their cards during their first use.
- Cost Code Attribute (Optional):
  - If applicable, this attribute can store cost codes associated with users for tracking or billing purposes.
Best Practices for Setup
- Secure the Service Account:
  Ensure that the service account used for the integration has the minimum required permissions (Full Read Access) to reduce potential security risks.
- Confirm Attribute Names:
  Verify the exact attribute names for card numbers and cost codes in your Active Directory schema to avoid configuration errors.
- Test Connectivity:
  Before finalising the setup, test the connectivity to your AD server using the provided host address, port number, and service account credentials.
- Use LDAPS for Security:
  If possible, use LDAPS (LDAP over SSL) for encrypted communication between ONARKEN and Active Directory.
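A pre-flight check of the values gathered above, added here as an illustration and not part of ONARKEN or its documentation. The `cfg` keys, function names and sample values are assumptions made for this example; it runs offline and does not contact the directory.

```python
import ipaddress
import re

# LDAP attribute descriptor (RFC 4512): a letter, then letters, digits or hyphens.
ATTR_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    parts, current, escaped = [], "", False
    for ch in dn:
        if escaped or ch == "\\":
            # Keep the backslash and the character it escapes in the RDN.
            current, escaped = current + ch, not escaped
        elif ch == ",":
            parts.append(current.strip())
            current = ""
        else:
            current += ch
    parts.append(current.strip())
    return parts

def preflight(cfg):
    """Return (level, message) findings for the values gathered for the wizard."""
    findings = []
    if cfg["port"] == 389:
        findings.append(("warn", "port 389 is plain LDAP; prefer LDAPS on 636"))
    try:
        ipaddress.ip_address(cfg["host"])
        findings.append(("warn", "host is an IP address; LDAPS certificate "
                         "checks normally match the server's DNS name"))
    except ValueError:
        pass  # a hostname, which is what certificate validation expects
    rdns = [r.partition("=") for r in split_dn(cfg["base_dn"])]
    if not all(name.strip() and sep and value.strip() for name, sep, value in rdns):
        findings.append(("error", "base DN has an empty or malformed component"))
    elif rdns[-1][0].strip().upper() != "DC":
        findings.append(("warn", "base DN does not end in DC= components"))
    for key in ("card_attr", "cost_attr"):
        name = cfg.get(key)
        if name and not ATTR_NAME.match(name):
            findings.append(("error", f"{key} {name!r} is not an attribute name"))
    return findings

# Constructed sample values, not taken from any real deployment.
SAMPLE = {"host": "192.0.2.10", "port": 389, "card_attr": "Employee ID",
          "base_dn": "OU=Users,DC=example,DC=com", "cost_attr": None}

if __name__ == "__main__":
    print("\n".join(f"{lvl}: {msg}" for lvl, msg in preflight(SAMPLE)))
```

The attribute check catches a console label such as "Employee ID" entered where the schema's attribute name is expected.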
Next Steps
Once the required information is gathered, follow the ONARKEN integration setup wizard to configure and establish the connection. For further assistance, refer to your ONARKEN documentation or contact support.