Active Directory Integration
Callisto can leverage Active Directory to authenticate users. This feature must be enabled in the Administration – Settings page.
The domain name must be populated. The other fields for User name and Password are an option. As the Callisto server is a domain member, it is likely that this will provide sufficient domain read rights without any further account information. In higher security environments it may be necessary to provide a service account here which has domain user privileges.
Once this is configured, users can be provisioned in one of two ways.
User Initiated Setup
The user attempts to log on to Callisto for the first time using their AD account UPN, e.g. email@example.com and their AD password. The user will be granted access but will have no rights to the system and will see only a welcome message:
At this point the administrator will see a new user record created in the User node:
The administrator can now assign roles and pages to the user account.
When this is complete the user needs only to refresh the browser to see the areas granted access.