LDAP/Active Directory
Overview
VoiceThread supports a wide variety of LDAP servers and schemas, including Microsoft Active Directory and custom schemas. Integration is included in the K-12 District and Higher Education Site licenses, and it can be purchased as an upgrade for other license types. Contact us with any questions or to discuss upgrading.
How to use
Users will navigate to your custom domain (provided by VoiceThread) and sign into VoiceThread using their LDAP usernames and passwords. No separate registration or username is required.
Technical details and setup
VoiceThread’s LDAP integration works by:
- binding with your LDAP server to transmit the credentials entered by the end user (these credentials are immediately discarded);
- obtaining a response from your server;
- searching for the requested user information; and then
- granting that user access to VoiceThread.
The VoiceThread Integration Team will work with you to obtain the information we need and build the connection. The only hard requirement is a username (auth identifier)/password pair that can bind. However, this will result in less-than-optimal functionality and user experience. For the full user experience, we recommend:
- Username (auth identifier)
- Email address
- First name
- Last name
- Role (student, teacher, faculty, staff, etc.)
We are flexible on attribute mapping and will help test a successful integration prior to rolling out VoiceThread to your users.
Security Requirements
The following two IP addresses must be allowed to connect to your LDAP server over port 636 (LDAPS). We can also support the use of other ports by request. For schemas other than MS Active Directory and possibly rft2307, we will need either anonymous search access or a bind DN and password that can search the directory.
- 52.3.14.115
- 52.3.113.207
- 52.5.126.89
- 52.3.105.120
- 52.6.20.33
- 52.6.76.55