By clicking on the ACTIVE DIRECTORY link, you can associate to the company that you are configuring a connection to Active Directory. To do this, it is necessary to have completed the installation of BooleBox AD Service. Specifically, within the link area, you can select an option between ACTIVE DIRECTORY (BOOLEBOX AD SERVICE) and ACTIVE DIRECTORY FEDERATION SERVICES (ADFS).
ACTIVE DIRECTORY (BOOLEBOX AD SERVICE)
By choosing the ACTIVE DIRECTORY (BOOLEBOX AD SERVICE) option, you can associate an Active Directory connection to the company using the BooleBox AD Service component. After selecting the checkbox:
- In the box displayed on your screen, in the SERVICE ADDRESS field, enter the IP address for the machine on which the BooleBox AD Service was previously installed.
- In the SERVICE API KEY field, type the key that will be set automatically in the Config file of the AD Service. At the end of the BooleBox AD Service installation, this parameter is indeed still to be set.If this parameter has already been previously configured, in order to change it, it will be necessary to insert a new key and bring it back manually within the BooleBox AD Service configuration file.
Note: by default, the Config file is saved in the same location where BooleBox AD Service was installed.
- Press TEST SERVICE to perform the associated operation.
- Press SAVE to confirm the changes made.
ACTIVE DIRECTORY FEDERATION SERVICES (ADFS)
By choosing the ACTIVE DIRECTORY FEDERATION SERVICES (ADFS) option, you can associate an Active Directory connection to the company you are configuring using the ADFS service. After selecting the checkbox:
- In the box that appears on your screen, enter the ADFS server address in the ADDRESS field.
- Enter the public certificate in the CERTIFICATE field related to the ADFS service, saved on the server indicated above.
- In the dedicated drop-down menu select the SHA256 algorithm to ensure a higher level of security.
Note: the same algorithm needs to be configured in the company ADFS.
Note: for BooleBox On-Premises instances configured in accordance with the Common Criteria EAL2+ certification specifications, the connection with the organization Active Directory domain must not be configured.