If you need any help configuring the following steps, be sure to get in touch: firstname.lastname@example.org or via chat.
The AD integration is configured by using the Vizito AD client which needs to be installed on a device/server which the tablet can connect to. So the tablet needs to be able to communicate to this device/server via its network.
Please find a schematic representation below:
Step 1: NodeJS
Download and install the latest version of NodeJS at https://nodejs.org/
Step 2: Vizito AD client
Download and extract our Vizito AD client to a folder of your choice
Step 3: Config
Edit config.json to match your environment.
Here you can find the configuration values and a description of what information you need to enter:
|ldap*url||Yes||The internal URL / IP of your LDAP server. Example: _ldap://ldap.forumsys.com .*|
|ldap*bind_credentials.user_cn||Yes||The user CN that is used for the LDAP bind. Usually a specific technical user is created for this with read only rights.|
|ldap_bind_credentials.password||Yes||The password for the LDAP bind user.|
|search_scope||Yes||This configures the search depth: _base* - searches only the searchbase level; _one - searches only the immediate subordinates to the base object, but does not include the base object itself; sub - this searches the search*base level and all of its subtrees.|
|search*base||Yes||The search base used for looking up CN entries. This should be the top level of your LDAP domain where you want to look for entries.|
|mobile_prefix||No||If your LDAP dictionary contains local or internal mobile phone numbers (without country code), you can add a prefix containing the country code. The first character of the local or internal mobile phone number will be replaced with this prefix.|
|ldap_filter||No||If you want to filter the LDAP search results, you can do so using an ldap filter. This searches only for matching records.|
|Examples of this filter are: only persons belonging to a specific group, only persons having a mobile phone number configured, … .|
|An example of a filter: *(&(memberof=OU=VizitoGroup,OU=Applications,OU=Groups,DC=company,DC=com))* .|
|api*port||Yes||Default value: _48800*. This configures the port at which the node application will listen for HTTP(s) requests.|
|use*ssl_for_api||Yes||Default value: _false*. If set to _true_, it will use the ssl.ca, ssl.key and ssl.cert configuration items to load a private key / public key pair for enabling TLS communication.|
|Read up on creating your own self-signed certificates using a custom root CA.|
|authentication.enabled||Yes||Indicates if basic authentication is needed to make a request to this server.|
|authentication.username||No||The username that is configured for basic authentication.|
|authentication.password||No||The password that is configured for basic authentication.|
Step 4: Run
Navigate to the folder where your ldap client resides, and run
- “npm install” (only required once)
- “node server.js” If everything works as intended, you should see “Server is listening” You can now use a browser to test the LDAP http server by pointing your browser to http://ip_or_hostname_of_machine_running_ldap_client:48800/ (change the port if you changed it in the config file) If your browser shows a JSON object representing the users you want to expose, than everything works!
Step 5: Configure the backoffice to make the tablet connect to the client
Navigate to https://backoffice.vizito.be and under Settings, configure the Host datasource as ‘Managed externally’ and fill in the Integration URL.
An example: http://192.168.1.100:48800.
Now the tablet will look up the information from the installed client.
Step 6: Use PM2 to daemonize the node process
Please refer to https://github.com/Unitech/pm2 for instructions on how to install and use PM2.
Demo services are available for testing purposes. They include names such as “Tesla”, “Newton”, etc..
- HTTP version:
- HTTPS version:
If you’re using a HTTPS configuration you can configure multiple CA references. Add each CA between " (quotes) in the CA array, which you can find in the config.JSON file.