Active Directory Update - Allow users to update their own Active Directory information

Software Requirements

We have a new Ithicos Solutions web site!   Please visit the Ithicos Solutions new site.  This site will no longer be maintained after December 10, 2011. 

One of the most common problems that is experienced during installation and customization is that the requirements for the application are not completely met. Please review this list carefully prior to installing.  Prior to installing any of our web-based applications, the directory administrator must designate a computer on which this web application will be installed. This server can be a domain controller or a member server. The following are the requirements:

Windows Server 2003 (SP1 or later)

  • IIS World Wide Web Service must be installed
  • ASP.NET component must be enabled (under Add/Remove Programs - Windows Components -> Application Server)
  • The .NET Framework v2.0 and the .NET Framework v3.5 must be installed
  • Server must be a member of the Active Directory
  • A service account must be created
  •    All updates to the Active Directory are made using this user account
  •    The service account password should have a strong password
  •    The service account password must not expire
  •    The account must be a member of a group such as Account Operators, the domain’s Administrators group, or other group that has permissions to update user accounts in the Active Directory. Note that the installation program currently checks for Domain Admins membership, but you can change that after installation.
  • The administrator installing the Directory Update application must be a member of the local Administrators group on the computer it is being installed.
  • SSL is recommended but not required. If you do not use SSL, then this application should only be visible from within your own Intranet since user information will passed over your network in clear-text.
  • While this is not required, we recommend that the Directory Update application be on its own web server.

Windows Server 2008 or Windows Server 2008 R2

  • IIS 7 World Wide Web Service installed
  • IIS 6 compatibility components for IIS 7
  • ASP.NET must be enabled
  • .NET Framework v3.5 must be enabled
  • We recommend performing a Microsoft Update and updating all recommended and critical updates
  • A service account must be created, such as SVC_DirectoryUpdate
  •    All updates to the Active Directory are made using this user account
  •    The service account password should have a strong password
  •    The service account password must not expire
  •    The account must be a member of a group such as Account Operators, the domain’s Administrators group, or other group that has permissions to update user accounts in the Active Directory. Note that the installation program currently checks for Domain Admins membership, but you can change that after installation.
  • The administrator installing the Directory Update application must be a member of the local Administrators group on the computer it is being installed.
  • Recommend creating a dedicated application pool that uses the Network Service account and that is in 64-bit mode.



While our applications should interoperate fine with other web-based applications, all of our testing has been on an IIS server running on a domain controller or a member server and using the Default Web Site.  We recommend against installing on a server with SharePoint.

Configuring an instance of the software

Ensure that you meet the requirements prior to starting.  Copy the installation file (such as SETUP-1-2-6.MSI) to a local directory on the server on which you are planning to install the Directory Update application, such as the C:\TEMP folder.


  1. On the Customer Information screen, enter (or cut-n-paste) your organization name that you used to register your software and the license key you received. Both must entered exactly.  If installing an evaluation, leave the organization name and license key fields blank and check the Evaluation Version checkbox. Click Next when finished.

     
  2. On the Directory Setting property page, enter the domain controller name, DNS domain name, service account, and service account password.

     
  3. Click Test Directory Settings to verify that user is a member of appropriate groups and that the domain controller is responding. You will not be able to proceed until you successful test the settings. Click Next when completed.
     
 

Google
WWW Directory Update site