Using the options located on the ActiveDirectory menu, you can use your Microsoft Active Directory configuration to assign specific security rights and grant access to users of Agency Information Manager (AIM).
Security rights are assigned using groups, roles, and individuals. These rights authorize people to perform specific actions with your agency’s AIM environment. In the topics that follow, we discuss how groups, roles, and individuals can be configured in Data Maintenance Utility (DMU) and how they work together.
Before we begin, let us define some key terms.
- Security Role – A group for security rights. A security role cannot contain another security role. Security role assignments are done in DMU, but are created and maintained solely in AIM.
- User Group – A collection of user ID codes and are assigned to a set of security roles. User group security role assignments are managed in DMU. User groups can contain multiple security roles. User group membership assignments are managed in Microsoft Active Directory.
- User Account – Microsoft Active Directory user account created and managed in the Active Directory user interface.
AIM Active Directory integration makes use of your agency's existing Microsoft Active Directory. Before you can configure AIM’s Active Directory integration, you must first configure your AIM user accounts into groups within Microsoft Active Directory. Such groups may include underwriters, administrators, managers, customer service representatives, etc.
It is important to note that once AIM Active Directory integration is enabled, security rights are controlled by Microsoft Active Directory roles and groups. This includes the various menus and features within DMU such as the speed bar buttons and right-click menu options. Unless access is granted to DMU menus and commands prior to enabling Active Directory integration, you will not be able to access the Active Directory Menu to make further modifications.
You should configure an administrator or management group to have access to DMU and the ActiveDirectory menu prior to enabling Active Directory integration. Prior to Active Directory integration being enabled, all commands on the ActiveDirectory menu can only be accessed by a user with level 9 rights.
Active Directory integration is enabled by updating the FlagUseAd column in the Control 2 table of the CIS database. A flag of 0 indicates that Active Directory integration is disabled. A flag of 1 indicates that Active Directory integration is enabled.
Please contact Vertafore product support for the AIM product if you require assistance updating the database.
- Click a menu command to learn more.
See Also