Does Grand Avenue integrate with Active Directory?

Owned by Jim Ivey
Last updated: Oct 01, 2023 by Ann Ivey
2 min read

A Grand Avenue installation can be configured to integrate with an Active Directory domain.

When this feature is enabled, users with linked Active Directory accounts log into the application with their Grand Avenue user account and their Active Directory password, and also perform subsequent signoffs with their Active Directory password.

Each user still has an account defined in Grand Avenue. The Active Directory integration just connects with the Active Directory domain to verify the password for the user.

EXAMPLE: A System Administrator enables the Active Directory integration and links Jane Doe’s Grand Avenue account (username “janedoe”) to her Active Directory account (username “jane.doe@mycompany.com”). When Jane logs into Grand Avenue, she’ll use the Grand Avenue username “janedoe” and the password for her Active Directory account. When she signs off on tasks and other activities while logged into Grand Avenue, she’ll use the password for her Active Directory account.

When you configure the Active Directory integration and start changing user accounts over to be linked to Active Directory, you should always leave one or more users (usually IT department) with accounts that have Grand Avenue passwords instead of being linked to Active Directory, so that you can still get into the system if the Active Directory server is temporarily unavailable or its configuration changes (like moving the AD servers to new IP addresses).

 

NOTE: In order for the Active Directory integration to work, your Grand Avenue installation must be able to contact one or more of your company’s Active Directory domain servers.  For customers with their Grand Avenue installation hosted in our datacenter, this means your Active Directory servers need to be exposed outside your company firewall to be accessible by Grand Avenue. Your IT department can mitigate the risks associated with doing this, by locking down access to specific IP addresses or potentially even working with us to set up a custom VPN tunnel between the sites.

 

Enabling the Active Directory integration

  1. Log into Grand Avenue as a user assigned the System Administrator role

  2. Click the Configure System link in the navigation menu

  3. Click the Configure Active Directory Authentication link

  4. Enable the feature.

Linking a User’s Grand Avenue Account to Active Directory

  1. Log into Grand Avenue as a user assigned the System Administrator or Account Management roles

  2. Click the Manage Users link in the navigation menu

  3. Click the Define Users link

  4. Click the Change Password Authentication link for the user

  5. Set the Use Active Directory for Authentication field to Yes

  6. Enter the user’s Active Directory username

Copyright © 2022, Grand Avenue Software, Inc. All rights reserved.