In this article
VIDIZMO ID connector provides synchronization of users and groups between local Active Directory (AD) and VIDIZMO Portal web application, Providing SSO (Single-Sign-On) functionality, central administration, and management. Since the administrator may only want selected AD users to gain access to the VIDIZMO Portal web application, administrators can map OU’s (Organizational Units) or Groups that were imported by ID Connector with a VIDIZMO Portal web application setup. This gives complete control over who can gain access to the selected Portal. For VIDIZMO ID Connector customers, their VIDIZMO Portal web application is configured to use VIDIZMO ID Connector to authenticate their end-users (viewers). When an end-user accesses the online Portal at HTTP://[portalName].vidizmo.com, they are redirected to their internal ID Connector website which authenticates them with their AD credentials and automatically logs in to VIDIZMO Portal web application. The rest of the VIDIZMO functions work the same way as for web-authenticated users.
Before you start
- Make sure you log in with the Manager+ role to be able to configure VIDIZMO ID Connector Settings. To learn more about user roles, see: Understanding User Roles.
ID Connector Portal Setup
Go to the ID Connector website and login with the ID Connector website's administrator credentials.
1. From the top navigation bar, click on Portal > Manage Portal.
i. Click on Add, type-in your Portal URL, Admin User-ID and Password.
ii. Click on Verify.
2. The Portal details will be shown in the below section.
i. Click on Add.
ii. Your Portal will be added successfully.
Once the Portals have been added in VIDIZMO ID Connector, you are ready to move to the next step, which involves mapping of these Portals to appropriate AD Groups, OU’s or the entire domain, if required. Mapping the Portal authorizes the users who are a part of the Group or OU to have access to that Portal.
Note: Repeat the steps if more Portals are to be mapped.
After the Portal has been set up, the next step involves mapping them to OU’s and Groups available in the AD (Active Directory). This can be done by following the steps mentioned below.
Note: These steps can ONLY be performed when the ID Synchronization service has run once. If not, you won’t find any OU’s/Groups mapped on the right-hand side.
1. From the navigation bar:
i. Click on Portal > Portal Mapping.
ii. Portal Mapping page will open where you will be able to see recently added Portal(s) on the left-side, with respective OU's/Groups mapped on the right-side.
2. Select the Portal to be mapped:
i. Click on the Define button, which will open a new window.
ii. Search for the OU's or Groups that you want to map through the available filters.
Note: OU and Group list are available ONLY when ID Sync Service has run once, that happens as soon as ID Sync Service is activated. If the list doesn’t show up, wait a few minutes then try again. To check if ID Sync Service has run and added new records, go to Settings > Service Activity Log, which will display newly added, updated and deleted objects obtained from the AD.
3. Check the boxes of the OU's/Groups that are to be mapped, click on Add.
Note: AD Groups and OU's work the same way in ID Connector as they work in AD i.e. If the parent Group or OU is mapped, all the child Groups and OU’s will automatically gain the access to VIDIZMO Portal. Therefore, it is recommended that Groups and OU's should be carefully mapped, mapping the main OU or Group will ultimately give access to every user under them.
4. You will be redirected to the Portal Mapping page, click on Save button.
5. Repeat the steps if more Portals are to be mapped.
Note: The AD users under selected Groups and OU’s will be synchronized on the next run of ID Sync Service. The results will show up in numbers in ‘# of the users’ column in the ‘Manage Portal’ page. The count there shows the actual number of users synchronized to that VIDIZMO Portal.
This screen is accessible from Users > Manage Users, it provides a convenient way of looking at all the users imported by ID Sync Service and their synchronization status. Here are some of the scenarios where the Manage Users feature is useful.
1. Filter Users on Status: Filters such as Username, Portal, and Status shows the relevant users' details. A brief description of each status type is provided below:
- New: The users added before the Sync service has taken place are marked as New.
- Updated: The users will be marked as updated after the Sync Service has run. If a user from AD has been deleted or marked disabled, it will automatically be removed from the list.
- Processing: ID Sync service takes time to sync the accounts of users. While the service is running, it sets its status to ‘processing’.
- Synchronized: As its name suggests, the synchronized users will have access to their respective Portal.
- Error: In case if user status is marked as Error, there must have been some problem that can be viewed in the Error Log.
2. Filter users on Portal: Another convenient filter available on this screen is Portal. The Portal setup at the ID connector will show up in the drop-down list. With this, the site-administrator can list all the users who have qualified for synchronization with the Portal and have been successfully signed up.
3. User Details: Clicking on the specific user will open detailed information users stored in the ID Connector database. This information is often helpful in diagnosing problems or understanding why that user didn’t synchronize in each Portal or why he did.
4. De-Synchronize User: While OU, Group and Domain Mapping provides a convenient way to synchronize users in bulk, there may often be a need for removing a specific user from being synchronized. This can be achieved by clicking on the checkbox of those users on the ‘Manage User’ screen and clicking on the Update button.
Note: These users will be removed from the Portal as soon as the Sync Service runs.
Service Activity Log
Service Activity Log is another page that shows the overall statistics generated by the ID Sync Service. After each run, the service should show 5 log records for each entity, namely OU’s, Groups, Users and Domain list imported from the Active Directory and finally the users that were signed up at VIDIZMO.
Brief description of each column displayed on the screen is provided below:
1. Entity Name: It shows the name of the entity that is being processed. It shows the internal name that the ID Sync Service uses.
2. Provider ID: It is an ID responsible for importing Users, OU’s, Groups and Domain List from AD and VIDIZMO Provider (responsible for synchronizing the users at VIDIZMO). Provider ID = 1 (for AD Provider) and Provider ID = 2 (for VIDIZMO).
3. Start Time & End Time: It shows the time at which the ID Sync Service started its processing for a particular entity and the time when ID Sync Service ended processing that entity.
4. (Added or Updated)/Failed: This field shows the number of (Added or Updated) objects and the number of objects that got failed during the process. For example, 255/5 means there were 255 objects that were added or updated, and 5 objects got failed.
5. Deleted/Failed:: This field shows the number of objects that were missing from AD and therefore, were deleted from the Local Database as well as from VIDIZMO. For example, 10/1 means 10 objects were deleted while 1 represents the number of failed objects.
Configuration in VIDIZMO
To configure your VIDIZMO Account/Portal:
1. Login to VIDIZMO Account/Portal that you want to configure to authenticate using VIDIZMO ID Connector.
i. Click on the menu bar,
ii. Click on Portal Settings.
2. Click on Apps > Single-Sign-On, scroll-down to VIDIZMO ID Connector app
3. Click on its Settings.
4. A form will pop-up that asks you to fill the Meta Address. The meta address will be the URL of your ID Connector page, it will be in the form of Http://(your IDConnector.Domainserver). The other two fields are optional.
5. Copy the URL and then paste it in the field of Meta Address on the VIDIZMO application. Click on Save Changes and toggle the button of VIDIZMO ID Connect.
Note: If you are unable to find these options, please contact our Sales and Support team.
VIDIZMO ID Connector primarily provides SSO, Central User Administration, and VIDIZMO Portal access control. Therefore, for the end-user, the change comes at the sign-in step only, the rest of the VIDIZMO experience remains the same.
Inviting Users to join Portal
VIDIZMO provides a convenient functionality to invite users to join a Portal. This feature will not work for users who have an AD User ID, AD Users can be given access to Portal by mapping their AD Group or OU against that Portal via VIDIZMO ID Connector. The mapped users will automatically become users of that Portal. VIDIZMO invite feature is only for those users who do not have the AD user ID and require access to secured Portal content.