User Source Requirement - v2023.04
This document describes the requirements for each user source type.
Active Directory
Active Directory Requirements
Monosign Authentication
Monosign supports a Unified Directory architecture, which means you can use an external or an internal user directory. Monosign natively supports Microsoft Active Directory/LDAP servers. Active Directory integration can be performed with the following user permissions.
A service user must be created in Active Directory.
Example service user name: “monosign_svc”
Permission List
Operation | Permissions | Object Type |
---|---|---|
Authentication | Standard Active Directory User Permission | User |
Monosync Integration for Lifecycle Management
Monosync is a Data Integration Management solution for enterprise-level organizations. Monosync has enterprise-grade features and 19 supported integration providers, which help companies integrate their in-house and/or enterprise applications for data synchronization and manipulation.
Monosync supports Active Directory operations such as user creation, update, group membership (memberOf), disable and delete. This integration needs special permissions on Active Directory.
A service user must be created in Active Directory.
Example service user name: “monosync_svc”
Permission List
Operation | Permission | Object Type |
---|---|---|
Create, Delete, Manage | Create, delete, and manage user accounts | User |
Create, Delete, Manage | Create, delete and manage groups | Group |
Modify | Modify the membership of a group | Group |
Select the correct OU, right-click it, choose Delegate Control and click Next.
Click Add, choose the service user and click Next.
Choose the tasks below to delegate to the service user and click Next, then click Finish.
If Exchange ActiveSync devices are assigned to the user, the delegation below must be assigned to the Monosync service user.
It can be configured with a PowerShell script, which you can download from the link below. Before running the script in Active Directory, change the lines below in the script.
$ou = "Monofor"
$user_delegated = "monosyncsvc"
$group_delegated = "Monosync Service Group"
$ou is the OrganizationalUnit on which control is delegated to the user or group.
$user_delegated is used if a single service account will be delegated on the OU defined above.
$group_delegated is used if a specific AD group will be delegated on the OU defined above.
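After delegating, the rights the service account actually holds on the OU can be audited against the permission list above. The script below is an added example, not the downloadable Monosync script; it reuses the $ou and $user_delegated values shown above and assumes the RSAT ActiveDirectory module is installed and that the OU name is unique in the domain.

```powershell
# Added example: list explicit ACEs granted to the service account on the OU
Import-Module ActiveDirectory   # also provides the AD: drive used by Get-Acl

$ou = "Monofor"                  # same value as in the delegation script
$user_delegated = "monosyncsvc"  # same value as in the delegation script

# Well-known schema GUIDs for the object types in the permission list
$known = @{
    "bf967aba-0de6-11d0-a285-00aa003049e2" = "User (class)"
    "bf967a9c-0de6-11d0-a285-00aa003049e2" = "Group (class)"
    "bf9679c0-0de6-11d0-a285-00aa003049e2" = "member (attribute)"
}

# Assumption: exactly one OU with this name exists in the domain
$ouObj = @(Get-ADOrganizationalUnit -Filter "Name -eq '$ou'")
if ($ouObj.Count -ne 1) { throw "Expected exactly one OU named '$ou'" }

$acl = Get-Acl -Path ("AD:\" + $ouObj[0].DistinguishedName)

# Keep only ACEs set directly on this OU for the service account
$aces = $acl.Access | Where-Object {
    -not $_.IsInherited -and $_.IdentityReference.Value -like "*\$user_delegated"
}

$report = foreach ($ace in $aces) {
    $objType = [string]$ace.ObjectType
    $inhType = [string]$ace.InheritedObjectType
    [pscustomobject]@{
        Type      = $ace.AccessControlType
        Rights    = $ace.ActiveDirectoryRights
        Object    = if ($known.ContainsKey($objType)) { $known[$objType] } else { $objType }
        AppliesTo = if ($known.ContainsKey($inhType)) { $known[$inhType] } else { $inhType }
        # Heuristic: an ACE scoped to neither users, groups nor the member
        # attribute is wider than the permission list and should be reviewed
        Review    = -not ($known.ContainsKey($objType) -or $known.ContainsKey($inhType))
    }
}

if (-not $report) { Write-Warning "No explicit ACEs found for $user_delegated on $ou" }
$report | Format-Table -AutoSize
```

Rows with Review set to True are grants that are not limited to user or group objects; compare them with the tasks selected in the Delegate Control wizard before accepting them.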