SocialMiner uses Active Directory (AD) to manage and administer user
access to the system. All users, with the exception of the administration and
reporting users, must be configured on a Microsoft Active Directory server to
The AD connection permits users configured in AD to access
SocialMiner. You can configure the connection to allow access for all users in
AD or for only a specific group of users. Multiple, independent groups that
require isolated security and permissions should each deploy their own
If Twitter account feeds are configured on the system, all users
are able to see direct messages to the configured Twitter accounts and all
users can post from these accounts. SocialMiner tracks which users make which
posts. Companies that want to restrict who can make posts need to configure
SocialMiner to authenticate with a specific role. If SocialMiner is
authenticated with a specific AD role, then only those AD users with that role
can use SocialMiner.
To configure AD, open the Active Directory drawer on the System
Administration panel and click
Edit. Enter or modify these fields and then click
Save when finished.
Enabled: Checkbox. When checked, the AD connection is active.
If not checked, then only the administrator can sign into SocialMiner.
Host: Required if Enabled is checked. Provide the host name or
IP address of the AD server.
Port: Required if Enabled is checked. Provide the port for AD.
The default AD port is 3269. If you are not using SSL, you must change the port
Use SSL: Checkbox. Checked by default. Uncheck if not using
SSL. When checked, you must exchange security certificates with the AD server
before SSL can work (see below).
Manager Distinguished Name: Required if Enabled is checked.
Enter the Manager Distinguished Name used to sign in to the AD server. For
example, on a default installation of Microsoft AD, the name is
:CN=Administrator, CN=users, DC=MYSERVER, DC=COM. Replace MYSERVER and
COM with your hostname.
Manager Password: Required if Enabled is checked. The password
for the AD Manager account.
Role Name: Optional. The AD role or AD group of users who are
allowed to access SocialMiner. If this setting is blank or set to "*", then all
users in AD are allowed access to SocialMiner.
Exchanging security certificates with AD
To enable SSL for the AD connection, you must first exchange security
certificates between the two servers. Enabling SSL is optional, but if you do
not enable SSL, then username and password information is not transmitted
securely between SocialMiner and the Microsoft AD server.
To exchange security certificates, on the AD server:
- Verify that the AD server
has the Certificate Services service installed.
All Programs > Administrative Tools > Certificate
- Expand the domain node and
- Double click the
certificate to open it.
- Open the
Details tab and click
Copy to file.
- An Export wizard opens. In
the wizard select
DER encoded binary.
- Use the wizard to select a
location to save the file.
On the SocialMiner Server:
- Open the Platform
Administration drawer on the System Administration panel and select the link to
the Unified OS Administration page.
Security > Certificate Management.
- For the Certificate Name,
- In the Upload File field,
select the file to upload by clicking
Browse... Select the certificate file you saved from the
Active Directory server.
- Restart the Cisco Tomcat
service. Using the CLI, run the command
utils service restart Cisco Tomcat.
The Administration user (configured at install) and Reporting user
accounts are the only accounts explicitly configured on SocialMiner. The customer care representatives are configured in Microsoft AD.
When these users sign into SocialMiner, successfully authenticate
against AD, and begin to take actions on the system; their actions are
associated with their AD user ID.