The configuration depends on what is needed for the particular AskCody implementation. It can vary from a a very simple forwarding service for one Active Directory group to a complete role and location management setup using multiple Active Directory groups. Before starting the configuration, please make sure that a service account is created for the Sync and make sure that you know which groups that should be synced. The sync configuration is a vital part of the implementation process and needs to be aligned with the business logic and services that will be deployed.
Difference between users and hosts
When setting up the AADFS sync configuration it is important to distinguish between users and hosts. In AskCody services users are user accounts with access based on roles and memberships, for example Meeting+ Users. Hosts, on the other hand, are only used in Welcome+.
AADFS configuration editor
AskCody endpoint for Active Directory data: This is set automatically by the configuration editor.
Sync interval: The default is to sync once every hour.
Connect user and authentication
Hostname: The hostname to use when connecting to Active Directory. Can optionally include a port number.
Username: The username to use for authenticating with Active Directory.
Password: The password to use for authenticating with Active Directory.
Name of the Active Directory group.
User role tags
The following tags can be used to grant roles to users:
- ROLE_ACTIVITYVIEW_ADMIN - grants access to all ActivityView Manager functionality.
- ROLE_AUTH_ADMIN - grants access to accounts and role grants in AskCody Manager.
- ROLE_BOOKING_ADMIN - grants access to all Booking+ Manager functionality.
- ROLE_CONNECT_ADMIN - grants access to all Connect Manager functionality.
- ROLE_INSIGHTS_ADMIN - grants access to all functionality in Insights.
- ROLE_MEETING_ACCOUNTANT - grants access to cost centers and settlements in Meeting+ Manager.
- ROLE_MEETING_ADMIN - grants access to all functionality in Meeting+ Manager.
- ROLE_MEETING_DELEGATE - grants access to the Meeting+ apps on behalf of other accounts within the organization.
- ROLE_MEETING_PROVIDER - grants access to deliveries, items, and terms in Meeting+ Manager.
- ROLE_MEETING_USER - grants access to the Meeting+ apps.
- ROLE_ROOMFINDER_ADMIN - grants access to all functionality in RoomFinder Manager.
- ROLE_ROOMFINDER_SEARCH_SPECIFIC_ROOMS - grants access to search specific rooms in RoomFinder.
- ROLE_TODAY_ADMIN - grants access to all Today+ Manager functionality.
- ROLE_WAYFINDER_ADMIN - grants access to all functionality in WayFinder Manager.
- ROLE_WELCOME_ADMIN - grants access to all functionality in Welcome+ Manager.
- ROLE_WELCOME_RECEPTIONIST - grants access to contacts and guests in Welcome+ Manager.
User membership tags
A number of tags are available for users and hosts, respectively.
- User cost center group membership tag: Users can be tagged with COST_CENTER_GROUP_MEMBERSHIP:<code> to assign them to the Meeting+ cost center group with the given code.
- User delivery provider membership tag: Users can be tagged with DELIVERY_PROVIDER_MEMBERSHIP:<code> to assign them to the Meeting+ delivery provider with the given code.
- User reception membership tag: Users can be tagged with RECEPTION_MEMBERSHIP:<code> to assign them to the Welcome+ reception with the given code.
Reception assignment tags:
- Host reception assignment tag: Hosts can be tagged with RECEPTION_ASSIGNMENT:<code> to assign them to the Welcome+ reception with the given code.
Host flag tags
The following tags can be used to set flags on hosts:
- FLAG_CARRIER_CONTACT - flags the host as a carrier contact
- FLAG_DOORBELL_CONTACT - flags the host as a doorbell contact
- FLAG_HIDDEN - flags the host as hidden
Running the service
When running the service a log file is created. The log file is automatically generated in the server's %USERPROFILE%\AppData\Roaming\AskCody\ActiveDirectory\ForwardingService\Logs folder.
- Stopping the AADFS service.
- Deleting the %USERPROFILE%\AppData\Roaming\AskCody\ActiveDirectory\ForwardingService\State folder.
- Starting the AADFS service.