The diagram below illustrates the components and communication that form QVscribe for Teams:
The QVscribe clients install as add-ins in Microsoft Word or Excel and connect with the QVscribe Analyzer on the same client machine.
The QVscribe Team Server (QTS) is installed in a centralized server for the management of users, roles and analysis configurations. The QVscribe clients connect to QTS via HTTPS and information flows both ways between clients and QTS.
QTS connects to the Identity Provider (Active Directory) for read-only access to the user directory. This allows QTS tenants to provide QVscribe seats based on users within their Active Directory.
Setup of QTS with external Identity Provider
In order to connect QTS to the In-House Active Directory (AD), gather the following details:
Active Directory credentials in LDAP form
(QTS > Identity Provider > EDIT & TEST).
AD User : CN=Administrator,CN=Users,DC=qra,DC=shell, DC=com
AD Password : ******
AD Host and Port : 10.10.42.217:389
Base Domain : DC=qra,DC=shell,DC=com
Optionally, if your AD requires SSL, obtain a certificate and add it to a Java Key store. A Java key store can be created as shown in the following example:
Example: “cacertschange” file in Examples folder.
Note: Keystore password and alias are irrelevant for this connection only
Once Active Directory credentials are entered, click on Test to validate the connection and if the connection is successful Save the configuration.
You will need at least 2 groups in AD to use with QVscribe for Teams:
One group (or more) will be the users that will use the QVscribe clients. These users will each need a QVscribe seat allocated to them within QTS. In the example below, we call this the “QVscribe_authors” group.
The second group will be a subset of users from the regular user group(s) who have elevated privileges as configuration administrators. These configuration administrators are able to modify and publish shared Analysis Configurations to QTS that users in the other group(s) can then access. In the example below, we call this the “QVscribe_ConfigAdmins” group.
If you would like to optionally provide the QTS admin pages above using your company’s certificate, gather the certificate details to be added to a java keystore (could be same as the one you added the AD cert in). A self-signed certificate (p12 file) is in the Examples folder, the folder "SSLExampleCertjks" shows the process and the assets used to generate the "example.jks"
(The folder “SSLExampleCertjks” shows the process and the assets used to generate the “example.jks”)
This is will be entered into an external.properties file at a later step:
server.ssl.key-store = file:c:/qts/example.jks
server.ssl.key-store-password = ExamplePassword
server.ssl.key-password = keypairpass
External.properties (This is step 3.3 in readme file)
Create this file which has deployment-specific properties related to SSL and Couchbase
Example: external.properties file in the examples folder.
Set properties for connection to PostgreSQL server and ssl dependencies in an external properties file ( q this file will be referenced during installation)
Create an artifacts folder like C:qts
Drop external properties files and the keystore files here
Configure AD and License seats in QTS:
Use the information collected in “Gather following details for QTS to integrate with local Active Directory(AD)“