product icon

Active Directory Connector v2 Requirements

    Most large companies use Microsoft Active Directory (AD) to automate changes for user identities and application privileges.

    The Active Directory Connector (ADC) receives Active Directory user updates and automatically makes the same changes in your GoTo account.

    The ADC accesses all users in selected AD groups containing GoTo users and all users in any subgroups. All new users are added to one of your validated company email domains in the GoTo Admin Center (classic)'s SCIM* service.

    * SCIM is the System for Cross-domain Identity Management that defines how user identities are managed across multiple systems, generally over the Internet.

    There are 4 areas of requirements to use the Active Directory Connector (ADC) effectively: Accounts, your Active Directory implementation, the Windows requirements for the ADC host machine, and your firewall settings.

    Account requirements

    • A GoTo product account with at least one (1) Organization admin who also has a GoTo product admin role

    Active Directory requirements

    • An Active Directory environment running Windows Server 2003 (or later) with the latest updates installed.
    • Windows admin account with the "Log on as a service" permission enabled. This account is used for the Active Directory permission section of the ADC software. To enable this permission for the account being used, do the following:
      1. In Windows, search for and select Local Security Policy.
      2. Go to Local PoliciesUser Rights Assignment.
      3. Right-click Log on as a service  >PropertiesAdd User or Group.
      4. Add the ADC Service User (e.g., DOMAIN\username).
      5. Go to Check NamesOKOKApply to save your changes.

    System requirements

    Active Directory Connector v2 System Requirements
    Operating System
    • Windows Server 2008 SP 2 or later (not necessarily a domain controller
    • Windows Vista SP 2 or later
    Software
    • Microsoft® .NET Framework 4.5 update on the machine where the ADC will run (included in the ADC installer if needed)
    Memory
    • 2 GB RAM or more recommended
    Available Disk Space
    • 200MB or more (depending on log level and storage period)
    Display
    • Minimum 1680 X 1050
    Internet Connection

    Firewall settings

    Firewall settings should be configured as follows:

    Use Case < Source Server > < Target Server >:< Port >
    Interface for provisioning < ADC Server Name > *.getgo.com:443
    Interface for logging; < source server > < ADC Server Name > logging.getgo.com:443
    Interface for authentication; < source server > < ADC Server Name > *.logmeininc.com:443
    Interface for checking new version of ADC; < source server > < ADC Server Name > s3.amazonaws.com:443
    Insecure connections < ADC Server Name > Active Directory Domain Controller:389 (LDAP)
    Secure connections < ADC Server Name > Active Directory Domain Controller:636 (LDAPS)
    Global Catalog, Insecure connections < ADC Server Name > Active Directory Domain Controller:3268 (LDAP)
    Global Catalog, Secure connections < ADC Server Name > Active Directory Domain Controller:3269 (LDAPS)

    Steps for setting up the Active Directory Connector v2 and managing users in User Sync:

    1. Review the Active Directory Connector v2 requirements
    2. Set up an organization
    3. Install the ADC v2
    4. Configure the ADC v2
    5. Run the ADC v2
    6. Manage User Sync rules
    7. Update the ADC v2 to the latest version (if applicable)
    8. Troubleshoot the ADC v2 (if needed)