TrackOne Studio Pty Ltd

This document will guide you through the process of configuring the Learning Analytics Suite to authenticate via Azure AD (Office 365).

Azure Active Directory Admin Centre 

Registering the Application 

• To begin, navigate to the Azure Active Directory Admin Centre.

• Go to 'App Registrations'
  
  
• Select '+ New Registration'
  
  
  
  
  
• Enter the application Name, Supported Account Types, and Redirect URI
  (e.g. https://[school domain]/LearningAnalytics/AuthServices/Acs)
  
  
  
• Click 'Register'.

Once the application is registered the following screen will appear (if not, click on the name of the newly registered app).

• Select 'Endpoints'
  
  
  
  
• Copy the 'Federation metadata document' address for use later.
  
  
  
  
  
• Copy the 'Application (client) ID' and the 'Directory (tenant) ID' for use later.
  
  
  
  
  
  
  
• Click 'Branding & Properties'
  
  

• Enter the Home page URL   e.g. https://[School Domain]/LearningAnalytics/
  You may also wish to upload a logo.
  
  
  

• Go to 'Authentication'
• Enter the Redirect URI    e.g. https://[School Domain]/LearningAnalytics/AuthServices/Acs
  
  

Assigning Users and Groups to the Application

• Go to 'Enterprise Applications'. 
• Select your Learning Analytics Suite application.
  
  
  
  

• Click Users and groups.
• Click Add user/group.
  
  
  
  

• Select the Users or groups which should have access to the application.
• Click Assign. 

Learning Analytics Suite Administration

In the Learning Analytics Suite:

• Navigate to Administration > Configuration > System.
• Authentication Type - Select 'Single Sign On – SAML2'

• Using the information recorded earlier, enter the:
  • WS Federation Metadata document location
    eg https://login.microsoftonline.com/eb720b3c-2e15-4e65-81a4-c0c9f7384xp4/federationmetadata/2007-06/federationmetadata.xml
    
    
  • Client ID (Application (client) ID)
    eg 8de849a1-fe70-4652-aeb0-770ba6637xte
    
    
  • Identity Provider (Directory (tenant) ID) - this should be entered in the format: https://sts.windows.net/[Directory (tenant) ID/
    eg https://sts.windows.net/eb720b3c-2e15-4e65-81a4-c0c9f7384xp4/
    
    
• Click 'Save Configuration'.
  
  
  

• Navigate to Administration > User Management >Users.
  
  
• Ensure an account exists for each user in the correct format (e.g. email address). 
  User accounts can be updated using the Bulk User Synchronise tool.
  Administration - User Management - Bulk Synchronisation for Students
  Administration - User Management - Bulk Synchronisation for Staff
  
  

• Exit the application by closing the browser.
  
  
• Recycle the application pool in IIS.
  
  
• Open a new browser window and navigate to the Learning Analytics Suite.
  
  

You should be directed to sign in via Azure AD if not already authenticated. 

Assistance

For further assistance please contact the TrackOne Studio Help Desk via email ([email protected]) or phone (07 3831 6590).