Active Directory is a directory service provided by Microsoft that manages on a network many different types of resources including user information and computer information.
By using AD Integration, the IDs and passwords used for Active Directory can be used to log in to Sansan.
* This function is an option. If you would like to use this option, please contact your Sansan sales representative.
An example of infrastructure (For AD FS)
Flow before AD Integration starts
To start using AD Integration, the following procedure is necessary.
* If you would like to use a test connection environment, it can be done as an option, so please contact the Sansan support center.
* If you are going to try test connections, please be aware that the flow will be different from the above.
(1) What needs to be done on the client side
-Please build up an AD environment
-Please set up the information for Sansan for PC, the Smartphone application, and the Smartphone web in your company's server.
(Details of this will be sent in an email).
-Please create a certificate file (.cer) for the public key that IdP will use as a signature.
(Sansan administrator settings)
-Please set an AD Integration ID for each user from the Add/Change User screen.
(2) Please send the following information to Sansan.
Information about your company's server
-Name for distinguishing IdP *1
-URL for log-in *2
-URL for log-out *2
Certificate for the public key that IdP will use as a signature
* Please send this separately in a password-protected ZIP folder or something similar
Date you wish to start AD Integration
Please let us know when you like to start linking *4 *5
* 1 For AD FS http:// sts.sansan.com)>/adfs/services/trust
* 2 For Ad FS https:// /adfs/ls
* 3 This is the URL you will be sent to when you log out of Sansan. (SAML Logout Endpoints) For AD FS https:///adfs/ls/?wa=wsignout1.0 is recommended.
* 4 If you have not finished registering for an AD Integration ID, the desired starting day may be difficult.
* 5 Please make this request at least three business days before you plan to start the AD Integration.
3. Notify your colleagues of the log-in URL for AD linking.
Once AD Integration has begun, you will no longer be able to use the log-in IDs and passwords you were using before.
If you are using AD Integration from the Smartphone application, please download the most recent version of the application.
Please be sure to share the log-in URL for AD Integration with all your colleagues.
Points to be aware of
- When you request AD Integration, please prepare the following things.
- This function is an added option. Depending on your current contract, additions or changes may be necessary.
- You cannot have multiple AD Integration within one company. (You may have one AD Integration with one company).
- If you are using multiple Sansan contracts in your company, all the contracts in your company must move over to AD Integration.
- You cannot divide within your company so that some do regular log-in, and others use AD Integration.
- With AD Integration, only IDs and passwords can be connected. Adding, editing, or deleting users in Sansan must be done by a different operation.
Before the term of validity of the certificate is up, it is necessary to renew it. When renewing, please inform this to the Sansan Support Center and please also attach the cer file.
- If the term of validity expires, you will no longer be able to log in to Sansan. Please manage this on your side.
- You cannot use the feature phone edition with AD Integration.
- For the Smartphone application, after putting in your Sansan log-in ID as usual, you will input your AD log-in ID and password from the AD Integration log-in screen to log in.
- If you are using a Sansan tab (inline) with Salesforce Integration, in some cases the Sansan screen will not be displayed. In this case, please open Sansan in a different window.