When you are working in a library there are two steps to follow when setting up Active Directory in Author-it Administrator. They are:
Step 1: Map the library user groups to the Active directory groups (see "Mapping Author-it Groups to Active Directory Groups" on page 49). Ensure this step is completed first.
Step 2: Map existing library users to their Active Directory user (see "Mapping Existing Users for Active Directory" on page 50). This step enables existing users to log in to the library using Active Directory. New users can be created by the library administrator (and mapped to their Active
Once the user groups have been mapped, the network administrator can take over administration for user access.
Note: When the user logs in to an Author-it library for the first time (see "New Users Logging In to the Library" on page 51), Author-it looks for that user in an Active Directory Group. When the user is found, an account is created for the user in Author-it, and the Author-it group permissions (based on the Active Directory Group/Author-it group mapping) are assigned.
See also some Integrated Active Directory Login Examples (on page 51). Mapping Author-it Groups to Active Directory Groups
The first step for enabling users to log in using Active Directory is to map the Author-it library groups to their corresponding Active Directory group.
When setting Active Directory:
The Active Directory Group list is populated from the DOMAIN\Users organizational unit list. When required, Active Directory names from other organization units can be typed into the drop-down list and saved when Match is selected.
When logging in to a library, if a user belongs to more than one Active Directory group the folder permissions from the group that are the "least restrictive" are used.
Mapping Author-it Groups to Active Directory Groups in a New Library:1) Open the library using Author-it Administrator, then choose Security > User and Group Accounts...
2) Select the Groups tab.
3) Select an existing group or create a new group.
Important: If you create a new group ensure you assign the appropriate Author-it Folder and Release State permissions.
5) Apply your changes.
6) Repeat the steps until all of the Author-it groups have been mapped to their Active Directory Groups.
7) Save your changes.
Mapping Existing Users for Active Directory
When you are converting an existing library to use Active Directory Group security you need to map the existing users to their Active Directory User names.
Mapping Existing Users:1) Open the library using Author-it Administrator, then choose Security > User and Group Accounts...
2) Select the Users tab.
3) Select the user from the Author-it User drop down list.
4) Type the user's Active Directory details in the Active Directory User text box.
5) Ensure the user is mapped to the correct group membership role.
New Users Logging In to the Library
When a new user user logs in to an Author-it library for the first time, Author-it looks for the user's
Active Directory name in the Author-it Library User list. If an entry for the user does not exist (based on the name assigned in the Active Directory attribute values) a new account is created:
The account uses the Active Directory name as the Author-it User name.
Author-it group permissions are assigned to the user based on the Active Directory Group/Author-it Group mappings you have assigned to the library.Important: The Author-it Group must be mapped to an Active Directory Group. If the Author-it Group has not been mapped, the account will not be created when the new user logs in. Integrated Active Directory Login Examples
The following examples show what happens when users log in to the library using Active Directory. When Author-it library user names and Active Directory user names are the same
In these examples both names are the same, so Tex Ryta is known as Tex in the Author-it library and as Tex when logging in over the network.
Users:
Tex Ryta (is an existing user - library user name is not mapped)
Library User Name: Tex
Active Directory Name: Acme\TexDee Zynah (is an existing user - library user name is mapped)
Library User Name: Dee
Active Directory Name: Acme\Dee Anne Ortha (is a new user)
Library User Name: (not added)
Active Directory Name: Acme\AnneUser Library User Settings in Administrator
Login Results Tex Ryta Library User Name: Tex
Active Directory Mapping:
Not mapped to his Active Directory Name
Tex cannot log in to the library using Active
Directory. Author-it cannot match the existing library user name to an Active Directory user. (See the note at the end of this topic.)
Solution: Author-it administrator maps Tex's library user name to his Active Directory name.
Dee Zynah Library User Name: Dee
Active Directory Mapping:
Has been mapped to her Active Directory Name (Acme\Dee)
Dee successfully logs in to the library using Active Directory.
Anne Ortha Library User Name: -
Active Directory Mapping: -
Anne logs in to the library for the first time. Author-it doesn't find an existing account when it looks for her name (Anne) so it creates a new account. The Author-it groups that have been mapped to Anne's Active Directory group are added to her account.
When Author-it library user names and Active Directory user names are different
If the user's name in the Author-it library is different from the Active Directory name and there is no mapping the following situation can occur. This example uses "Mark Ateer" as the library user name and "Mark" as the Active Directory name.
User:
Mark Ateer (is an existing user - library user name is not mapped)
Library User Name: Mark Ateer
Active Directory Name: Acme\MarkA user called "Mark Ateer" exists in the library. When Mark tries to log in to the library using Active Directory, Author-it looks for the name "Mark" but can't find this account. Mark is treated as a first
Active Directory in Author-it Live Setting Active Directory for Author-it
Author-it is ready for using with Active Directory once the Author-it groups have been mapped to the Active Directory groups in Author-it Administrator.
Setting Active Directory for Author-it Live
Author-it Live has additional requirements. The Author-it group and Active Directory groups must be mapped in Author-it Administrator. The Active Directory option in the Author-it Live Configuration Tool must be selected, and the web site must be configured in IIS Manager to use the appropriate the authentication options.
Configuring Active Directory Users for the Library:1) Open the library in Author-it Administrator.
2) Choose Security > User and Group Accounts > Groups. Map the Author-it Groups to the Active Directory Groups by selecting the Author-it Group from the first drop-down list, then select the Active Directory Group from the second list and choose Match (a confirmation message is displayed).
3) Choose the Users tab. For any existing users select the user's name from the Author-it User drop-down list; add the user's Active Directory Name; update the groups the user is a member of if required; save the changes to this tab.
Logging in to the library as a new user
If a user has not been added to the library user list, when they log in to the library for the first time through Author-it or Author-it Live an account is created. The account includes their library user name, their Active Directory user name, and the Author-it groups they been added to.