Active Directory (AD) Integration¶
Active Directory integration is an optional MIP module. A Volicon, a division of Verizon Digital Media Services, Support Engineer will need to be involved in the process of implementation.
The following prerequisites need to be met for the AD integration to proceed:
The Support Engineer needs to know the IP address or the Fully Qualified Domain Name (FQDN) of the AD server. The FQDN is more flexible and is preferred.
Add the MIP Web server to the AD domain.
Create a simple domain user with a non-expiring password and notify Support.
Provide the Support engineer with your Organizational Units (OUs) and their basic structure.
Upgrade all the MIP servers to the latest qualified build prior to integration.
Configure all your client browsers to have the Web server address in their Intranet Zone or IE trusted zone.
After all prerequisites are met, you must define several groups in the MIP. To do so, you can access the system with a non-AD password through the URL
http://<server>/admin/. When using AD integration, the user’s set of permissions (including accessible channels and maximum number of concurrent channels played) is defined on the MIP groups (User Management section).
You must also create identical group names as defined in MIP in the AD. Once completed, the administration of users’ access to MIP and their privileges will only be administered through the AD by adding or removing users as members of the different groups. Note: One exception is the number of concurrent channels. By default there is no limit; if defined, the MIP settings will be used. Furthermore, if multiple groups define the number of concurrent channels, the highest number will be used even if it is set to unlimited.
Initially, the user accesses the MIP system through a browser with only an IP address or a Domain Name. Access to the MIP system is provided automatically according to the user’s assigned group(s) in AD, matching the user by group name to the defined MIP groups. If the user is a member of several groups, their effective permissions will be the sum of all permissions of those groups.
The user’s name is automatically created internally within the MIP upon first logon. It is then associated with the user generated content in the MIP - clips, programs etc.