Task 3.28: Configure Active Directory Service

Purpose:  To improve AD login performance significantly, a server-side TraCS Windows service (TraCS Active Directory Service, details to follow) can be installed that periodically syncs the TraCS Users Database from AD. With the TraCS Users Database containing the latest AD associated user and group information, TraCS can query it instead of AD for this information. Querying the TraCS Users Database is much quicker than querying AD for the same information making login times quicker overall.

When using this alternative AD interface method, TraCS still authenticates the user with AD and loads the user's field values and permissions from AD. However, the user's associated user's and their permissions are loaded from the TraCS Users Database instead of AD.

Requirement:

• Active Directory used with TraCS

• Task 1.4.1 Active Directory Database Connection —Set up Active Directory

• Task 1.4.1 SMTP —set up an email database connection.

• Complete Task 3.21: Configure Notification Service batch transmission doesn’t work without the email and notification services.

Note: These services need only be added to one office machine in the agency.  For best practice set up a “Batch” machine that runs all 4 or 5 batch services and is only used for these services.  This can be a virtual machine, using full virtualization

Requirements: Batch Computer.

• Run Command Prompt as administrator

  • Type

    • cd C:\Program Files (x86)\TraCS

    • “.\ActiveDirectoryService.bat"

      • Wait to complete

• In the Windows control panel, select Administrative Tools and then double click Services.

• Right click on the TraCS Active Directory Service and choose properties.

  • Select the Log On tab.

    • Click the  This Account radio button

      • Special Note: using the local system account does not work

    • Enter the user name, including the domain name, of a user with authority to access the network TraCS location (if running TraCS in network mode) and the master computer.  The service will run with this user’s Windows access rights.

    • Enter the user’s password in the password and confirm password fields.

    • Click OK.

  • Select the General Tab.

    • Choose Automatic in the Startup Type field.

    • NOTE: DO NOT START THE SERVIC HERE. The service will start automatically once you schedule an Import/Export in TraCS.

Open

Open

In the Database Connection Editor in Configuration Manager, expand the Other option and select the
Active Directory connection. Update the following values on the TraCS server and any TraCS workstations using Active Directory to login.

• AssocUsers – Enter False so that Associated User information will be obtained from the TraCS Users Database and not Active Directory when a user logs in to TraCS.

NOTE: Even though the Associated User information will come from the TraCS Users Database, the TraCS Active Directory Service will be constantly updating the Users Database with what is in AD.

• UserGroups – Enter False so that User Groups information will be obtained from the TraCS Users Database and not Active Directory when a user logs in to TraCS.

NOTE: Even though the User Groups information will come from the TraCS Users Database, the TraCS Active Directory Service will be constantly updating the Users Database with what is in AD.

• Sync Interval – The number of minutes between when the TraCS Active Directory Service syncs the TraCS User Database with Active Directory. The default value is 240 minutes.

• UserID – The User ID that the TraCS Active Directory Service uses to login to AD.

• Password – The Password that the TraCS Active Directory Service uses to login to AD.

• ConfirmPassword – Used to confirm the Password that the TraCS Active Directory Service uses to login to AD.