Configure DRTrack

Open the web.config file and locate appSettings

  1. Ensure UseSSO and UseSSL are set to the desired values.
  2. For appSettings, ensure SyncSSOUsers is set to True if the customer’s user store will require syncing from Okta.
  3. Users will also need to be synced the first time they log in.
  4. Ensure that SSODomain is set to the correct URI for the Okta account.
  5. SSOToken should be set to the same token noted in #48 above.
  6. Ensure PartnerIDP is set as noted in #40 above.
  7. In the saml.config file, update the settings in ServiceProvider as follows:
    1. Name = Host name.
      1. Example: charles.appianlogistics.com
    2. Description = DRTrack.
    3. AssertionConsumerServiceUrl = ~/AssertionConsumer.aspx.
    4. LocalCertificateFile = sp.pfx file location.
      1. Example: Certificates\sp.pfx
    5. LocalCertificatePassword = The password chosen when creating the certificate files.

Update the settings for PartnerIdentityProvider as follows:

  1. Name = Value of Identity Provider Issuer*
  2. Description = Okta
  3. SignAuthnRequest = True
  4. WantSAMLResponseSigned = True
  5. SingleLogoutServiceBinding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
  6. SingleLogoutServiceUrl = Value of Identity Provider Single Logout URL*
  7. SingleSignOnServiceBinding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
  8. SingleSignOnServiceUrl = Value of Identity Provider Single Sign-On URL*
  9. PartnerCertificateFile = File location of idp.cer file
    1. Example: Certificates\idp.cer

 * Note: See END OF LOGOUT SPECIFIC SETTINGS above.
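
A quick way to confirm that a saml.config carries the ServiceProvider and PartnerIdentityProvider values listed above is to parse it and compare each attribute. The following is an added example, not part of DRTrack or its documentation; the surrounding XML element layout, the idp.example URLs and the password are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
# Element -> {attribute: required value, or None for "must be present and non-empty"}.
# Attribute names and values are the ones listed in the steps above.
EXPECTED = {
    "ServiceProvider": {
        "Name": None, "AssertionConsumerServiceUrl": "~/AssertionConsumer.aspx",
        "LocalCertificateFile": None, "LocalCertificatePassword": None},
    "PartnerIdentityProvider": {
        "Name": None, "SignAuthnRequest": "true", "WantSAMLResponseSigned": "true",
        "SingleLogoutServiceBinding": POST, "SingleLogoutServiceUrl": None,
        "SingleSignOnServiceBinding": POST, "SingleSignOnServiceUrl": None,
        "PartnerCertificateFile": None},
}

# Constructed sample with three deliberate deviations. The element layout is an
# assumption; hosts under idp.example and the password are placeholders.
SAMPLE = r"""<SAMLConfiguration>
  <ServiceProvider Name="charles.appianlogistics.com" Description="DRTrack"
    AssertionConsumerServiceUrl="~/AssertionConsumer.aspx"
    LocalCertificateFile="Certificates\sp.pfx" LocalCertificatePassword="PLACEHOLDER"/>
  <PartnerIdentityProvider Name="https://idp.example/issuer" Description="Okta"
    SignAuthnRequest="True" WantSAMLResponseSigned="False"
    SingleLogoutServiceBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    SingleLogoutServiceUrl="https://idp.example/slo"
    SingleSignOnServiceBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
    SingleSignOnServiceUrl="https://idp.example/sso"/>
</SAMLConfiguration>"""

def audit(xml_text):
    """Return sorted findings; an empty list means every listed setting matches."""
    findings, seen = [], set()
    for el in ET.fromstring(xml_text).iter():
        name = el.tag.rsplit("}", 1)[-1]  # ignore an XML namespace, if present
        for attr, want in EXPECTED.get(name, {}).items():
            seen.add(name)
            got = (el.get(attr) or "").strip()
            # Booleans are compared case-insensitively, everything else exactly.
            same = got.lower() == want if want == "true" else got == want
            if not got:
                findings.append(f"{name}.{attr}: missing")
            elif want is not None and not same:
                findings.append(f"{name}.{attr}: {got!r}, expected {want!r}")
    findings += [f"{n}: element not found" for n in EXPECTED if n not in seen]
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "all listed settings match")
```

The check covers attribute values only; whether the files named in LocalCertificateFile and PartnerCertificateFile exist on the server still has to be confirmed separately.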

In the web.config file, set the UseSSO appSetting to FALSE, then log in to DRTrack as an ADMIN.

  1. Navigate to (domain)/Pages/LDAP/LDAPMapManager.aspx.
    1. Example: http://charles.appianlogistics.com/Pages/LDAP/LDAPMapManager.aspx

For each relevant User Group on the LDAP server, map it to the proper permissions category (Roles and Branches) so that the users assigned to that group are granted access to the correct category during the sync process.

  1. Each DRTrack User Group (Name) is assigned a Sort Number.
  2. Each DRTrack User Group is then assigned to one LDAP Group on the LDAP server.
  3. Each LDAP Group is assigned the same name and Sort Number as its DRTrack User Group.
  4. DRTrack User Groups are sorted in order of precedence, from the lowest number to the highest.
  5. Users can be assigned to more than one LDAP Group, but can only be assigned to one DRTrack User Group.
    1. If a user is assigned to more than one LDAP Group, they will be assigned to the DRTrack User Group that has the lowest number value.
    2. Example: If LDAP Group Branch-Las Vegas is assigned the number 100, then every user assigned to the DRTrack User Group Branch-Las Vegas 100 will be assigned to group 100 (Las Vegas).