Home > Guides > Administrator Guide > System Setup > Network Single Sign-On
Network Single Sign-On
This is a multi step process which will allow the network to use Active Directory to pass login information into Cyber Recruiter so a user does not have to log into Cyber Recruiter once logged into the network.
If the option 'Require Password on emails' is set to Yes on the System Setup page, the program will verify the user information of the person responding to the email against the network account of the recipient of the email. If the two accounts do not match, the individual responding will not be able to complete the response process.
This does NOT extend to the careers site for employee login into Self Service. The main reason is because the careers site is in the DMZ which is not part of the internal network.
Step 1: Enable the Setting
From the Admin > System Setup page, set the field for ‘Enable Single Sign-On’ to Yes.
Option Setting:
After the field is enabled, click on the caption for the field to set up additional items relate to the Active Directory server. Taking this additional action will allow an administrator of Cyber Recruiter to look up a user account on the network when adding a new user.
LDAP Server: This field NEEDS the information like: LDAP://1.1.1.1 (where LDAP is in all CAPS).
User ID: Enter the User ID which is an admin account on the server who will have access to the list of network users
Password: Password for the user ID entered.
Step 2: Configure Users
Because this feature connects the users of Cyber Recruiter to a master list of users, the user list in Cyber Recruiter must match the user list stored in LDAP Server.
NEW USERS
There are two option for adding new users.
- If using the Import Users option, make sure that the User ID for the new user matches EXACTLY the network user ID.
- If manually adding a user, use the Add New User option instead of the Copy User option. In the Add New User option. the User ID field is a hyperlink. Click on the hyperlink and enter in the name of the employee and press the Find button (or just press the Find button). This will direct Cyber Recruiter to search though the LDAP server for the employee's login information and it will connect the two systems.
EXISTING USERS
For any existing user, edit the user account. The User ID is a hyperlink field. Click on the hyperlink to change the User ID and manually change it to match what is currently in the list of user on the LDAP Server.
Step 3: Change IIS Settings
In IIS, on the server, the setting for Anonymous Access to the Cyber Recruiter site must be turned off and turn Windows Authentication on. This will require that every person who plans to use Cyber Recruiter be logged in to your local network.
If your Cyber Recruiter is available via a public URL and you would like your users to be able to access Cyber Recruiter either while logged in to your network, or over the Internet from home, you must create a second virtual directory in IIS that points to the same Cyber Recruiter installation folder. For that second virtual directory, be sure that Anonymous Access is NOT turned off. Inform your users that when accessing Cyber Recruiter from work (when logged in to your network), hit the first URL, when accessing it externally, hit the second URL.
Step 4: Modify NTFS Permissions
On the server, give the ‘Authenticated Users’ account ‘Modify’ access to the Cyber Recruiter installation folder as well as 'Full' permissions to the Cyber Recruiter registry key:
HKLM\Software\Visibility Software\Cyber Recruiter
If this key is in a 64 bit operating system, the key is:
HKLM\Software\Wow6432Node\Visibility Software\Cyber Recruiter
|