Eduphoria is offering a new tool to help districts manage user accounts on our hosted solution.
What the tool does:
Eduphoria’s Active Directory Remote Authentication tool allows your users to login to Eduphoria’s hosted solution with their Active Directory account. This is typically the same account teachers and staff use for their district email. This tool can save time and frustration for users and as well as district support staff. When an Active Directory account is activated, the account for Eduphoria is also activated on first login. When the user changes their Active Directory account password, the user or support staff does not need to separately update the Eduphoria password.
How the tool works:
Users authenticate to Active Directory from a lightweight remote authentication server that is installed inside your district. Once authenticated on that server, they are redirected to our hosted solution with a secure OAUTH2 token which identifies them to our servers. From a user’s point of view it looks as if they are logging directly into our hosted solution with their Active Directory account.
Why the AD Remote Authentication tool is so great:
Active Directory credentials are never sent over the web. Accounts are securely managed by the districts via their existing Active Directory tools. Username changes are effective the next time a user logs in. No need to manually update or wait for a nightly sync! Keep all your district user accounts up-to-date and ensure district password security measures are maintained without increasing IT staff workload.
1. Review remote authentication server requirements.
2. Begin building remote authentication server.
3. Provide access to Eduphoria.
4. Work with Eduphoria Tech support to select an activation date.
Remote Authentication Server Requirements
Districts must provide a web server that meets the following minimum requirements:
●Windows Server 2016 or Windows Server 2012 R2 X64
● Server Grade Intel Processor
● 8GB of RAM
● 80GB HDD Space on C
● HTTP (80) and HTTPS(443) access from the internet
● Public DNS entry (ex. eduphoria.districtisd.org)
● Valid SSL certificate
● Access on 443 for SSL
● Member of Active Directory Domain
● AD Group or Groups that will be allowed to login
● AD Accounts that will be logging in must have email address defined in Active Directory
Depending on your current account management settings:
● URL for your district may change.
● Application specific password for initial setup on iOS / Android apps and Aware Plain Paper Scanning Applications.