This article provides information on how to integrate your Active Directory security credentials for use within MVE (My Vision Express).
| NOTE- For the Active Directory integration to work, you need to set up the 'Login Mode' section under the 'System Settings' tab of the Company Information screen (File > Setup > Company Information). Use the 'Domain' field to enter the distinguished name of the parent domain which holds organizational units (OU) and users. Users are assumed to be within the OUs. Sub-OUs are not currently supported.
The import window (Tools > Active Directory Import) will display all the users, and security groups that the users are members of, within the OUs in the domain. Security groups are displayed if they have members. Users are shown in the top half of the screen, and the security groups are displayed on the bottom.
Users and groups in the domain that do not have an equivalent in MVE are marked in green. Grey rows indicate users and security groups that already exist in MVE.
If a users first or last name is changed in Active Directory, the column will be highlighted in yellow. If this user is re-imported, the existing record in MVE will be updated.
Data missing from required columns is highlighted in red. Users missing required data will not be imported.
Use the 'Import' check boxes to select the users and security groups to be imported, and click the Import button to transfer them into MVE. After importing the selected users and security groups, the Active Directory - Import dialog will refresh. Click 'Close'.
NOTE - Employee records that are imported from Active Directory will have the first name, last name, user ID, password, session domain, and session username, automatically set. The session domain is determined by the sub-domain from the domain setup in the system settings. For example, if the domain is set up as "DC=MVE,DC=Office", then the session domain is imported as "MVE". The session username and user ID are both the Active Directory username.
Local Installation Users
If the Active Directory login type is set, employees will no longer log in using the MVE Login dialog box. Instead, each users Active Directory account can be imported into My Vision Express as described above, which then maps their account to the corresponding employee record. When the user is signed in to Windows, and opens My Vision Express, it will check to determine whether their Windows account is mapped to an employee. If so, the user will then be logged in automatically. If the company has multiple locations and the employee is assigned to more than one, the 'Location Selection' screen will populate and allow the user to select which location they wish to use.
When the user logs out of My Vision Express, the application will either close, or the location selection screen will pop up, depending on the number of locations that the user is assigned to. If the user is only assigned to one location, the application will close when they log out of My Vision Express. If the user is assigned to multiple locations, they can either select a new location to sign into, or click 'Cancel' to close the application.
Web Hosted Customers
For web-hosted customers, the Active Directory login option is not available. However, each employees Windows account can still be mapped to use the auto login feature. This can be done by setting the session 'Domain' and 'Session Username' fields in the Employee Setup screen (File > Setup >Employees). This information can be found at the initial login screen.
In the example below, "mvedev-pc" is the session domain, and "michael" is the session username.
For additional assistance please contact My Vision Express Support
1-877-882-7456 ext 3.