Would love to see active directory integration with PE so that logins are synched
7 comments
-
Permanently deleted user Official comment Hi Don,
This option is available and can be setup. In order for it to work, the email address within Active Directory must match the email address assigned to the staff login within Practice Engine. Once that is complete, there is a setting that our support team can change for you in the background (in v. 8). In v9, the setup is a bit different but the option is still available.
Please feel free to reach out to support if you would like to proceed with setting this up.
Thank you,
Melissa
-
Ryan Posener A little update: In 9.3 we will be revisiting this to provide a connector with Azure AD for single sign on. I am curious to know status of firms use of Office 365, which requires Azure AD or their synchronization of AD to Azure AD in general. Azure AD provides the cleanest and simplest solution to this.
-
Lisa Dunnigan We are not on O365 yet, but are considering it next year.
-
Steve Perkins Ryan we would like this feature. We have 9.3 on-prem of course but we are about to move Exchange and Lync to O365, I believe with Azure AD integration. Will this connector work with on-prem PE?
-
Ryan Posener Hi Steve, We have not implemented an Azure AD authentication mechanism as of 9.4. Some of that is because it became a lower priority since we have not heard from clients this is priority. The Azure AD connector will (when implemented) work with any Full or Hybrid Azure AD implementation.
9.5 is still in development, but the Azure AD authentication connector is not currently in our backlog for 9.5 either. I have raised the question internally again though, as there is a real possibility of getting it in the 9.5 release.
On-Premise Windows Authentication has always been an option, and will continue to be an option for the foreseeable future.
-
Steve Perkins Ok I may not be clear on what the capabilities are in 9.3 on-prem like we have. I think our credential function in PE is completely separate from Windows credentialing. Are you saying we can tie the two together right now?
-
Ryan Posener Hi Steve,
Yes, you can use Windows Authentication currently. This has been a feature of PE for many versions since (v7/v8 days). If you contact support, I believe they can open a ticket to provide you the documentation and some assistance with setting it up.
I would recommend setting up a new PE install for Windows Authentication. Each install can only use 1 type of authentication (forms or windows) - but you can have multiple installs without issue. This also is a great way to work out any kinks or issues you might have.
Also, some features do not work in both. For example, the impersonation login may people use to troubleshoot staff setups will not work in Windows Authenticated mode. Also, as Melissa noted at the start of this thread, your PE logins must match your Windows Authentication logins. This may require changing user logins in PE to DOMAIN\User instead of their email address. Azure AD by contrast uses the user's UPN which is an email format.
I'm sure support can provide the documentation for your review and help with the configuration and setup in your environment.