IMPORTANT! Because of the technical knowledge required, your district’s IT administrator (or someone with a similar role) will most likely need to perform the first two procedures.
ML Schedules™ Software gives subscribers the option to import the district’s Active Directory user names to automatically create district user accounts. Once the new account is created, the software then uses the password stored in Active Directory to authenticate the user’s login request.
There are (3) simple one-time procedures that must be performed to integrate your district’s Active Directory users with ML Schedules™ Software:
1. Setup Active Directory integration with ML Schedules™ Software, and;
2. Import Active Directory users into ML Schedules™ Software.
3. Set Necessary Roles/Permission for Imported Users.
Set up Active Directory Integration
To set up Active Directory integration from any screen after logging into your ML Schedules™ Software account using District Admin credentials:
1. Grant the MasterLibrary™ Software server (IP address will be provided by your On-Boarding Coordinator) access to your Active Directory server by opening ports 389 or 636.
Your IT Administrator can contact your ML Schedules™ Software support representative for detailed instructions on this if needed.
2. Select Settings > Active Directory > AD Connection from the top black toolbar.
The Active Directory Integration Admin screen will be displayed which includes the following fields:
- Active Directory Server (text field)
- Secure LDAP (checkbox)
- Store Credentials
3. Enter your district’s server address (or IP) into the Active Directory Server field.
4. Optional: Select the Secure LDAP checkbox if your district wants to use LDAP over a Secure Socket Layer (SSL) for user authentication.
Important! If the Secure LDAP checkbox is selected, a certificate (.cer) file will need to be emailed to firstname.lastname@example.org so that MasterLibrary Software can connect to your district’s Active Directory server. Until that certificate is provided and installed on the MasterLibrary server, you will not be able to proceed with this configuration. Here is some additional information - Certification.
Note: The LDAP port is completely optional now, you may use LDAP or LDAPS.
Before your district’s connection settings can be saved, the connection must be tested to verify that the server exists and is connectable.
5. Enter any district Active Directory username and password in the corresponding fields.
6. Check the Store Credentials box to store your credentials for the automatic Active Directory synchronization.
NOTE: You have the option to save filters and run a nightly sync to Active Directory to update any user changes.
7. Select the Test Connection button.
Connection test successful will be displayed in the Test Connection field if the connection can be made.
8. Select the Save button to save your connection settings.
Import Active Directory Users
To import your district’s Active Directory users from any screen after logging into your ML Schedules™ Software account using District Admin credentials:
1. Select Settings > Active Directory > AD Filters from the top black toolbar.
2. To add a Filter click the add icon ()
The Manage Active Directory Filter screen will be displayed:
3. Enter an LDAP filter string in the LDAP Filter field.
LDAP Filter Example:
The example string tells the Active Directory Import where to pull the users that should be created in the district’s MasterLibrary Software account. For example, if you only wanted teachers to be added, the filter would be set to only find district teachers.
Within the Active Directory database you can find the filter in any of the three highlighted areas.
4. Enter the username and password of an administrative user in your district’s Active Directory. This user’s permissions will determine what users can be pulled from Active Directory.
5. Select if you would like the Filter to be an "Active" filter, that is used if running a nightly synchronization to Active Directory.
6. Select the View Users () button to display a list of all users that can be imported into your school's MasterLibrary Software account. Any users which can be imported will display a green sync icon () Any users which can not be imported will display an attention icon (), with a reason as to why they can not be imported.
To manually sync the Active Directory filter in your MasterLibrary Software account at anytime, select the sync icon ()
7. To save the Active Directory filter, click the Save button.
8. Repeat Steps 1 - 6 for any additional Active Directory filters you would like to add.
Schedule a Daily synchronization of Active Directory Users
To schedule a daily sync of all Active Directory users stored under an "Active" filter saved in MasterLibrary Software, you will:
1. Select Settings > Active Directory > AD Connection.
2. Confirm your AD Username and AD Password are entered into the Username and Password Fields.
3. Confirm you have checked the Store Credentials check box and select the Save button.
4. Select Settings > Active Directory > AD Filters.
5. Confirm you have the appropriate AD Filters listed.
6. Select the Schedule Daily Sync icon ().
Note: The Import and Daily Sync no longer requires LDAP.
Set Necessary Roles/Permissions for Imported Users
The final step in setting up your district’s Active Directory Authentication is to configure the new Active Directory users’ roles on the Manage Users page.
1. Select Users > Manage Users.
2. Select the Users From Active Directory drop down.
3. Select the edit icon () next to the User you would like to add additional Roles/Permissions to.
The Assign Roles to District Users procedure operates exactly the same as it would for any other user.
Once your district’s users are assigned roles, they can now log in and use your ML Schedules™ Software account.