Integration with Active Directory
Hello All,
We're in the process of evaluating the use of Tender and it's suitability to perform the internal support help desk functions for our IT department.
As part of this process we're looking to section groups of users to appropriate people, in the case of our business the best way of explaining it is we're a group of franchises. Each franchise has it's own support person which can answer most queries, however from time to time they'll want to escalate to someone for specific topics.
Currently I'm looking at a set up like the following:
Each franchies or Office is a "Company" in Tender, We have a generic set of categories across the lot, each user will be assigned a particular "Company" and through the use of the discussion filters we'd forward any users query from that franchise to a Queue for each franchise.
In order to roll this out I'd like to implement SSO using our existing active directory set up, has anyone done any integration of users using active directory (ADFS?) or done a similar integration?
Regards,
Mike Scott
Discussions are closed to public comments.
If you need help with Tender please
start a new discussion.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Courtenay on Nov 09, 2011 @ 09:43 PM
Hey Mike,
That sounds like it could work with the following caveats;
Users can see all discussions from other users in their company. That means 'private' is private only within a given franchise. So I can see my co-workers discussions, for example.
Support staff can see everything. So a given support user will be able to see those queries from other queues/franchise. However a support user can subscribe to a single queue only and receive only emails from new discussions in that queue.
In terms of SSO, no-one I know of has implemented that bridge between active directory and our SSO, but I can imagine it would be fairly straightforward; our SSO is really simple. All it does is create a JSON hash of the user's core details and encrypts it, and on our end we find or create a user with those details.
2 Posted by Mike Scott on Nov 09, 2011 @ 09:47 PM
Thanks for your response Courtenay.
So to clarify - "Private" discussions are private not to an individual, so those discussions which are marked private but are able to be seen by any user inside of that "Company"?
If we were to instead use your custom information feature: https://help.tenderapp.com/kb/setup-installation/include-custom-inf...
Are we able to filter on that information? And can we "seed" that information using your API?
Support Staff 3 Posted by Courtenay on Nov 09, 2011 @ 10:21 PM
Yes, private discussions are visible to users in the same company.
Yes, you can seed the 'extras' with the users API. You can't filter on it but that's a great idea.. I'll investigate how much work it would be to add that.
4 Posted by Mike Scott on Nov 09, 2011 @ 11:22 PM
I'm unable to see in the users API what the syntax is for the 'extras' information:
https://help.tenderapp.com/kb/api/users
Also, if I create a user using this api, password is stated as being compulsory. Can I give a random password and will the single sign on still function as required?
Support Staff 5 Posted by Courtenay on Nov 10, 2011 @ 12:27 AM
You just set 'extras' as a hash of key/value. Like
Yes, set a random password and SSO will function fine.
I'm about to deploy this feature for you, of filtering by extras. You can filter by exact string or by regular expression.
Support Staff 6 Posted by Courtenay on Nov 10, 2011 @ 12:28 AM
You can also send it as part of the json hash you encrypt if you login someone via SSO.
7 Posted by Mike Scott on Nov 10, 2011 @ 03:11 AM
Thanks for your help through this Courtenay. Really appreciate it.
I've seen where/how to do it with the API and SSO - looks good. I'll just set up a web-based end point at our end to do the login and validation. In terms of the filtering feature - I was talking about being able to create a filter (http://bdo.tenderapp.com/settings/filters/new) so we can base it of the extra information provided. Is this where you're adding the feature?
Support Staff 8 Posted by Courtenay on Nov 10, 2011 @ 03:41 AM
Yes, in a few hours that will have a box where you can set matchers
for 'extras'. You'll set up something like 'franchise=Monkeys' or
'balance=100'
9 Posted by Mike Scott on Nov 10, 2011 @ 03:42 AM
Cheers!
Apart from an issue of postini gobbling up the tenderapp emails as spam, things are looking promising.
Will let you know how we get on.
Mike Scott closed this discussion on Nov 10, 2011 @ 03:49 AM.