Single Sign On (SSO) can be implemented with Active Directory/LDAP/LDAPS to reduce the need for patrons to remember multiple passwords and to remove multiple authentication challenges from accessing Infiniti. Infiniti authenticates against the AD or LDAP password.
Note: Infiniti must be operating in Production mode to implement SSO.
Usernames and Network IDs
Note: SSO will only work if a patron's Infiniti username matches their network ID. If your patron's usernames do not match their network IDs your IT Manager must align them prior to implementing SSO.
Preparation for SSO
- Username - must match network ID to facilitate single point authentication.
- Populate the Settings > Integration parameters and turn on your LDAP authentication.
- Set up a test user in Infiniti and AD to test the active directory locally.
Whitelist this IP address for domain concordinfiniti.com:
- IP address: 126.96.36.199
Whitelist this IP address for domain concordinfiniti.co.uk:
- IP address: 188.8.131.52
Enable Active Directory/LDAP/LDAPS Integration
Go to: Settings> Integration
- Open Active Directory tab.
- Switch Active Directory Enabled.
- Add Active Directory Domain(s) separated by commas if more than one, e.g., myschool.edu,students.myschool.edu
- Add the Active directory URL/Port, e.g., ldap://IP address:portnumber, e.g., 389, 3268. Note: The IP address should be an external facing IP address.
- Ensure that your chosen port is not blocked and add a firewall exception if necessary.
- Optionally Test Connectivity of your connection.
- Logon to your school network as the test user you have created.
- Open the Infiniti logon page.
- Logon to Infiniti using the same username and password you used to logon to your school network.