FirstClass account automation

560 views
491 views

Published on

Presentation given by Gary Falcon of Aptiris on how to automate creation of accounts for FirstClass, authenticate against Active Directory or LDAP, and leverage existing FirstClass data for external systems.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
560
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • 3 items that FirstClass requires professional services for:Platform MigrationVoice ServicesDirectory Services
  • FirstClass account automation

    1. 1. FirstClass Account Automation Gary Falcon October 2, 2012
    2. 2. Goals What is possible What components & tools to useX Step-by-step installationX Troubleshooting server-specific problems
    3. 3. Where are we going?1. Using FC directory outside FirstClass2. External authentication3. Account provisioning
    4. 4. Topic 1USING THE FIRSTCLASSDIRECTORY OUTSIDEFIRSTCLASS
    5. 5. Approaches  LDAP: Internet Services  LDAP: Directory Services  Data files / ODBC: Application Services
    6. 6. Why? Spam filters Web app authentication Network copiers PHP applications Populate external systems
    7. 7. LDAP: Internet Services[Show Config] Basic Internet Setup Advanced Directory LDAP Browser
    8. 8. LDAP: Directory Services[Config Highlights] Directory Setup Port, root DN Show/Replicate Replication > Filtering
    9. 9. LDAP ComparisonInternet Services Directory Services Authenticate with UserID  Authenticate with LDAP DN All directory objects  Choice of directory objects using BaseDN Global directory only  User contacts ClientID as UID  UserID as UID Less configurable  More configurable  LDAP-format DN
    10. 10. Data Exchange Files / ODBC Build in FCAS Custom built: export exactly what is required Automate schedule Write to text file or ODBC data source
    11. 11. Which to use?1. Internet Services LDAP: First choice2. Directory Services LDAP: When #1 doesn’t provide necessary attributes or function3. Application Services: When LDAP functions aren’t available
    12. 12. Topic 2EXTERNALAUTHENTICATION
    13. 13. Why? Easier for end-users Convenient for administrators Low risk High reward
    14. 14. What?
    15. 15. Authentication WorkflowClient User ID & PasswordFCSFCDS yes LDAP no controlled? yes FCDS no avail? yes AD no avail? yes Valid Valid no login? login? yes no Cache data in FCS Username Log user in or PW error
    16. 16. Authentication: Configuration[Config Highlights] Operation mode: LDAP Auth method: Remote LDAP Server: required Gateway: filtering Change password: off
    17. 17. Challenges Requires SSL for web logins Most recent FCDS may not allow saved passwords
    18. 18. Topic 3ACCOUNTPROVISIONING
    19. 19. FCDS Provisioning Works with AD, OpenLDAP With or without authentication Account adds / removes / changes Creates groups from OUs Matches to sAMAccount Name (AD) or DN (LDAP) One-way replication
    20. 20. Provisioning: Configuration[Config Highlights] Operation mode: LDAP or Replication Enable delete: OFF Set schedule Test in non-production environment
    21. 21. Challenges OU structure vs/ FirstClass groups AD Groups are not replicated Will delete your directory if you tell it to
    22. 22. Custom Provisioning Data can be brought in from any system Handles account adds / removes / changes Flexible handling of group associations Custom apps can follow any required logic Provisioning only; no authentication
    23. 23. Getting Help Limited support from FirstClass Aptiris can assist with:  Support (for Aptiris clients)  Implementation services  Ad-hoc consultation  info@aptiris.com / 877.864.3534
    24. 24. Wrap-UpQUESTIONS?
    25. 25. Thank you! Gary Falcongfalcon@aptiris.com

    ×