The customer has an on-premise MS AD. They have been using it for Single Sign-On (SSO) for all their systems. When we propose RMP to automate their workflow, they would like to have integration with their MS AD for SSO. That is, the customer will assign some of their AD users the ability to sign on (log in) to RMP for the workflow management.
I understand that RMP has its own authentication and user management, which is not built on MS AD, but there is functionality to use LDAP to access the customer's MS AD (via the SEC) and copy the credential information from the customer's MS AD to the RMP user "organisation tree".
Can this copied user "organisation tree" be used for authentication by RMP?
Another method is:
We (the system integrator) build an application to perform the authentication against the customer's on-premise MS AD via the SEC. This application has a REST API that RMP can access. Whenever a user logs in to RMP, RMP will access the API to perform the authentication and identify the role (authorisation level) of this user.
Is the above feasible? Is there any recommendation? Is there any reference case of MS AD integration?
Thanks for your support.
Kenneth