Import hierarchy with Active Directory
With Active Directory, you can import your class roster and school’s hierarchy, providing seamless control and supporting Single Sign-On (SSO) for students and teachers. Follow the directions below to integrate Active Directory:
- Navigate to “My School” from the menu along the bottom, click “Active Directory” and “+Add New Profile”.
- Select the type of Active Directory integration you want to set up: Active Directory LDAP or Active Directory Federation Services (AD FS).
- Enter the profile name, base domain and server info. We recommend a public IP or a fully qualified domain to your Active Directory server.
- To enable Active Directory integration with SSL, you can use an LDAP with TLS or LDAPS. If using LDAP with TLS, select the “Use TLS for connection” option.
- Next, choose your certificate. It is important to release the Mosyle Manager IP. The AD Server must be public and reachable by Mosyle servers. Release in your firewall the IPs: 220.127.116.11, 18.104.22.168
- Select the location responsible for the certificates, and click “Save”.
How to configure Active Directory Synchronization
- Click on “Synchronization” on the right hand side within the Active Directory area and check the box next to “Sync this structure” to enable the synchronization.
- Next, enter the credentials to bind the directory (username and password).
- Choose the option “Only add new data and do not edit existing data”, if you are adding new data. This means the existing data in Mosyle will not be modified.
- Enable the “Welcome email” option, if you wish to send a welcome email to all new teachers.
- Finally, choose if the data will be automatically synced every night between 4am-5am EST and click “Save”.
How to configure Active Directory Binding
- After you have saved the configurations in the "Configure" tab, go to the “Mapping” tab and click on “Use a selector”.
- Next, click on the OU associated with your system. If you have multiple containers, select the right one for the type of user you're mapping, such as Student, and click “Save”.
- Fill out Mapping attributes: the “Student ID” and the “Student name” with the proper credentials. Both “email” and “Managed Apple ID” are optional to fill out and click “Save”.
- Select “Pull fresh data” on the bottom and click “View” under the “Students” tab to verify the data that will be synchronized. Then click “Save” when you are done.
Important note: Mosyle Manager can only import items within an object.
How to setup Active Directory Authentication
- Within the Active Directory Integration, click on “Authentication”.
- If you plan on using Active Directory as your authentication, click the box next to “Use AD to validate user and password” to select this option.
- Fill out the “Query to login” with the proper information. The query to log in is usually how you log into your network. You should follow the format “\?” as the question mark will be replaced by the username. You are able to use the fields in the grey box to test the integration.
- When finished, click “Save”.