Configure Active Directory¶
Colectica Repository and Portal can use Active Directory for authentication. Follow these instructions to enable Active Directory support.
In
PortalDir\appsettings.json
, set theUseWindowsAuthentication
setting totrue
.Rename the
windowsauth.settings.json.dist
configuration file towindowsauth.settings.json
.In the
windowsauth.settings.json
, there are two sections for assigning windows users and windows groups to the three Colectica roles. For windows users, use the full AD name of the user. For groups, it is highly recommended by Microsoft to use the group’s SID for performance reasons. Only the SID of groups are included in the Windows auth tokens, using the names can result in round trips the the AD server.Windows Users
"WindowsUsers": { "ColecticaAdministratorRoles": [ "DOMAIN\\User1", "DOMAIN\\User2" ], "ColecticaUserRoles": [], "ColecticaGuestRoles": [] },
Windows Groups
"WindowsGroups": { "ColecticaAdministratorRoles": [ "S-1-5-21-1004336348-1177238915-682003330-512", "S-1-5-21-1004336348-1177238915-682003330-1145" ], "ColecticaUserRoles": [], "ColecticaGuestRoles": [] }
Configure IIS authentication
Select the Repository IIS Site
Enable Windows Authentication
Disable Anonymous Authentication