Active Directory Connector v2 Requirements

Most large companies use Microsoft Active Directory (AD) to automate changes for user identities and application privileges.

The Active Directory Connector (ADC) receives Active Directory user updates and automatically makes the same changes in your GoTo account.

The ADC accesses all users in selected AD groups containing GoTo users and all users in any subgroups. All new users are added to one of your validated company email domains in the GoTo Admin Center (classic)'s SCIM* service.

* SCIM is the System for Cross-domain Identity Management that defines how user identities are managed across multiple systems, generally over the Internet.

There are 4 areas of requirements to use the Active Directory Connector (ADC) effectively: Accounts, your Active Directory implementation, the Windows requirements for the ADC host machine, and your firewall settings.

Account requirements

A GoTo product account with at least one (1) Organization admin who also has a GoTo product admin role

Active Directory requirements

An Active Directory environment running Windows Server 2003 (or later) with the latest updates installed.
Windows admin account with the "Log on as a service" permission enabled. This account is used for the Active Directory permission section of the ADC software. To enable this permission for the account being used, do the following:
1. In Windows, search for and select Local Security Policy.
2. Go to Local Policies > User Rights Assignment.
3. Right-click Log on as a service >Properties > Add User or Group.
4. Add the ADC Service User (e.g., DOMAIN\username).
5. Go to Check Names > OK > OK > Apply to save your changes.

System requirements

Active Directory Connector v2 System Requirements
Operating System	Windows Server 2008 SP 2 or later (not necessarily a domain controller Windows Vista SP 2 or later
Software	Microsoft® .NET Framework 4.5 update on the machine where the ADC will run (included in the ADC installer if needed)
Memory	2 GB RAM or more recommended
Available Disk Space	200MB or more (depending on log level and storage period)
Display	Minimum 1680 X 1050
Internet Connection	Broadband internet connection with 1+ Mbps and ability for the ADC to connect to https://goto-developer.logmeininc.com

Firewall settings

Firewall settings should be configured as follows:

Use Case	< Source Server >	< Target Server >:< Port >
Interface for provisioning	< ADC Server Name >	*.getgo.com:443
Interface for logging; < source server >	< ADC Server Name >	logging.getgo.com:443
Interface for authentication; < source server >	< ADC Server Name >	*.logmeininc.com:443
Interface for checking new version of ADC; < source server >	< ADC Server Name >	s3.amazonaws.com:443
Insecure connections	< ADC Server Name >	Active Directory Domain Controller:389 (LDAP)
Secure connections	< ADC Server Name >	Active Directory Domain Controller:636 (LDAPS)
Global Catalog, Insecure connections	< ADC Server Name >	Active Directory Domain Controller:3268 (LDAP)
Global Catalog, Secure connections	< ADC Server Name >	Active Directory Domain Controller:3269 (LDAPS)

Steps for setting up the Active Directory Connector v2 and managing users in User Sync:

Review the Active Directory Connector v2 requirements
Set up an organization
Install the ADC v2
Configure the ADC v2
Run the ADC v2
Manage User Sync rules
Update the ADC v2 to the latest version (if applicable)
Troubleshoot the ADC v2 (if needed)