Microsoft Active Directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains. Microsoft Active Directory has a variety of functions including the ability to provide information on objects, helps organize these objects for easy retrieval and access, allows access by end users and administrators, and allows the administrator to set security up for the directory. If the Active Directory optional feature has been purchased, the information about user accounts, such as names, passwords, phone numbers, and so on, can be synchronized with FileHold. This allows administrators to single source user accounts, passwords, and security groups to control access to the document management software. This is beneficial as it reduces the amount of work for administrator to maintain these items in disparate systems.
If there are 50,000 or greater Active Directory objects, it is recommended that the following timeout values are increased by a factor of 100. This includes computers, printers, users, groups and, service accounts. Update the following values in the config files on the FileHold server:
- C:\Program Files\FileHold Systems\Application Server\UserRoleManager\web.config – LongSQLCommand, WebServiceCall, and executionTimeout
- C:\Program Files\FileHold Systems\Application Server\fileholdadm\fileholdadm.exe.config – Web service timeout seconds
- C:\Program Files\FileHold Systems\Application Server\FHInstrumentation\FHInstrumentation.exe.config FHInstrumentation – WebServiceCallTimeoutSec
This article is meant for experienced Active Directory administrators who wish to effectively manage the system, especially with larger numbers of users. FileHold system administrator, server administrator, and domain administrator credentials are required.
To synchronize Microsoft Active Directory with FileHold for new installs
On the FileHold server, run FH Instrumentation Tools (FHIT) in C:\Program Files\FileHold Systems\Application Server\FHInstrumentation.
In FHIT, go to AD Synchronization and click on Start.
Enter the credentials for the FileHold system administrator and click Connect.
In the Synchronized Domains window, click Add.
In the Domain Properties window, enter the following information and click Retrieve:
Address – Enter the address for the Active Directory domain.
User – Enter the domain administrator user name.
Password – Enter the password for the domain administrator.
- The Domain name and Container is populated with the domain information. Click OK.
- The domain is added to the list of domains. Continue to add domains as needed.
- To synchronize, select the domain name from the list and click Synchronize.
- The following message appears, "FileHold will now be synchronized with the selected domain. This operation may take a few minutes. Are you sure you want to continue?" Click OK to continue.
- Once the synchronization process is completed, the message, "Synchronization was successfully completed" appears. Click OK.
- After the synchronization process is completed, you can now set the default domain in the administration panel.
To synchronize Microsoft Active Directory with FileHold during an upgrade
- From the list of Synchronized Domains, select the domain name and click Update.
- In the Update Domain window, confirm the domain information and click OK.
- The message, "Licensing information will now be retrieved. Are you sure you want to continue?". Click OK.
- The message, "Licensing information was successfully retrieved" appears. Click OK.
For more information about using Active Directory with FileHold, see: