Active Directory Integration
Introduction
The Meshed Platform supports integration with an external Active Directory (AD) via the LDAP protocol.
Creating a user account (Student or Staff) in the Meshed Platform will initiate the creation of the AD user account via the AD LDAP service.
Student Active Directory Integration
The standard Student AD Integration is linked to the following four events in the Meshed Platform:
- Staff creates a new Student user account
- Student changing their password
- Student forgotten password request
- Staff re-setting a Student password
Note:
- Deleting a Student user account is not linked with AD Integration
- Events can be modified for Provider specific requirements
Staff Active Directory Integration
The standard Staff AD Integration is linked to the following event in the Meshed Platform:
- Admin creates a new Staff user account
Note:
- All other Staff user account actions are not linked with AD Integration
- Events can be modified for client specific requirements
Client Information required for Active Directory Integration
- LDAP server URL - Access level, SSL status
- LDAP base OU/DN - base domain name location for Meshed Platform user accounts
- LDAP user - with required privilege and password
- LDAP - Basic profile properties required to be set.
- Mapping - Client LDAP logic and policy
- Active Directory Password Policy
Note:
- The AD password can be set as the password entered when creating the Meshed Platform user account (Student or Staff).
- Password integration is dependent AD password policy, and the Meshed Platform supported password policy could differ to AD. To ensure correct integration, it is recommended that the password policy for AD matches the Meshed Platform password policy.
A Client Network Engineer will be required to liaise with Meshed Group Engineer's for successful AD Integration.
Process Flow Diagram
