Table of Contents 

1. Pre-Requisites for Installation

1.1. Hardware Requirements

1.2. Software Requirements

1.3. Misc. Requirements

1.4. VIDIZMO ID Connector Add-on

2. VIDIZMO ID Connector Components

3. ID Connector Installation & Configuration

3.1. Creating a Security Group and an AD User

3.2. Adding the User to the ID Connector Server

3.3. Installing the ID Connector

3.4. Configuring the ID Connector

4. Usage

This article is about installing VIDIZMO ID Connector on a Windows Server machine. The ID connector is a Web-based authentication tool providing an application which works with your Enterprise Active Directory, providing users authenticated access to VIDIZMO Channel using their AD credentials. 

This is ideal for organizations

- Having hundreds or thousands of users who will require VIDIZMO access

- Looking to simplify user management 

- Looking to bring convenience to their users by providing them single user id and password to access VIDIZMO

- Concerned about administrative overhead managing separate user accounts on VIDIZMO

Initially intended for an organization’s internal IT team who wish to deploy and maintain VIDIZMO ID Connector within the enterprise, this document also serves as the guideline for the VIDIZMO Deployment Team to carry out VIDIZMO ID Connector deployment remotely or onsite for any organization.

Here is how you can install and setup the ID Connector:

1. Pre-requisites for Installation

VIDIZMO AD-Connector is a software that runs on server class hardware and on Windows Operating System. The sections below provide further information on Hardware/ Software requirements and some other miscellaneous requirements.

Before starting, it is assumed that you have administrative access to the Active Directory Domain Controller. Also, a separate machine is required which will be running Windows Server 2008 or 2012 with IIS Complete Role. The Microsoft SQL Server Express Edition must be installed on it too. 

1.1. Hardware Requirements

VIDIZMO AD-Connector hardware requirements may vary based on the organization’s infrastructure, the number of employee in an organization and the anticipated concurrent users in an organization. All of these factors have an impact on the hardware required. More the number of users and concurrent users in an organization, the more powerful hardware requirements would be.

Following chart describes different scenarios along with minimum hardware requirements and recommended hardware:

Minimum Hardware
Recommended Hardware
Up to 1000 Users with 100 concurrent user load
CPU with 2 GB RAM,
100 Gig Hard drive,
Core 2 Duo Processor > 1.8 GHz
CPU with 4 GB RAM,
100 Gig Hard drive,
Core 2 Duo Processor > 2.1 GHz
Up to 5000 Users with 500 concurrent user load
CPU with 4 GB RAM,
100 Gig Hard drive,
Core 2 Duo Processor > 2.1 GHz
CPU with 8 GB RAM,
100 Gig Hard drive,
Core 2 Duo Processor > 2.1 GHz
Up to 10000 Users with 1000 concurrent user load
CPU with 6 GB RAM,
100 Gig Hard drive,
Core 2 Quad Processor > 1.8 GHz
CPU with 12 GB RAM,
100 Gig Hard drive,
Core 2 Quad Processor > 2.1 GHz
Up to 15000 Users with 1500 concurrent user load
CPU with 8 GB RAM,
100 Gig Hard drive,
2 x Core 2 Quad Processor > 2.2 GHz
2 CPUs with 8 GB RAM,
100 Gig Hard drive,
Core 2 Quad Processor > 2.2 GHz
Up to 25000 Users with 2500 concurrent user load
2 CPUs with 8 GB RAM,
100 Gig Hard drive,
2 x Core 2 Quad Processor > 2.2 GHz
2 CPUs with 12 GB RAM,
100 Gig Hard drive,
2 x Core 2 Quad Processor > 2.2 GHz

This chart does not mention the requirements for redundant hardware for backup and failover. In case the organization desires to have such an environment set up, the same hardware configuration may be used. However, depending on the nature of redundancy and failover, additional load balancer and SAN may be required.

1.2. Software Requirements

VIDIZMO ID Connector is a Microsoft .NET based software that runs on a Windows Operating System and requires an SQL Server at the backend. Listed below are the software pre-requisites the administrator will need to install before installing the VIDIZMO ID Connector:

i. Windows Server 2008 R2 Standard or Enterprise Edition

ii.  .NET Framework 4.0 Installed

iii. Web server Role configured (IIS 7.0), with following Role Services

a. Common HTTP Features (Complete)

b. Application Development

i. ASP .NET 

ii  .NET Extensibility 

c. Security 

i. Basic Authentication

ii.  Windows Authentication

d. Management Tools (Complete)

iv. SQL Server 2008/2008 R2 Standard or Enterprise Edition

a. Database Engine

b. Client Tools Connectivity

c. Management Tools

1.3. Misc. Requirements

VIDIZMO ID Connector acts as a bridge between the AD users and VIDIZMO, running on cloud or on-premise. For the VIDIZMO ID Connector to perform its job, it needs to interact with the deployed AD, be able to get user's information as well as be able to access VIDIZMO, which in case of VIDIZMO Channels, means the implicit need for internet connectivity. Also, this software needs certain configuration and privileges described in detail below.

i. Active Directory User

A user created in local Active Directory which is part of the Active Directory’s User Group. This is required by the AD Connector to import user information from the Active Directory to its database. 


The ID Connector software must run under this AD User account. This AD User Account must be part of the ‘Administrators’ group on the machine on which the ID Connector will be installed on. Moreover, it should also be part of the ‘sysadmin’ group in the SQL Database Server. However, for routine operations, minimum rights required at SQL server end are of ‘db_owner’ after the database has been set up.

ii. Active Directory Group

A group within Active Directory, which will represent all the ID Connector Administrators. Any AD users added to this group will gain access to configuration and administration sections of ID Connector Website. Such users will be able to:

- Add Channels to define Channel Mappings

- Make modification to application configuration

- Modify database connections or create new databases

- Check Synchronization logs

- Check users that were synchronized with ID Connector

For users who do not belong to this group, only limited sections will be available.  


All the users part of a group with a similar name on any domain(s) part of the forest will gain access to ID Connector configuration and administration sections. It is therefore recommended to create a separate group for ID Connector rather than using a built-in group provided by the AD.

iii. Firewall Publishing Rule for Worldwide access

An organization may want to publish the AD Connector Website for worldwide access, for which publishing via firewall may be required. This is an optional step and only applicable when worldwide access is necessary.


In case of Worldwide access, users coming from the internet will still be authenticated and authorized via Active Directory as they would when they are on local LAN.

iv. Domain Name

An "A" record in either a local DNS server or in an international DNS Server (if worldwide publishing is desired). This is to let users conveniently remember the location of the published website.

v. Internet Access on Server (port 80 or 443 in case of SSL)

VIDIZMO ID Connector synchronizes users between VIDIZMO and the local AD. This is only required when VIDIZMO Channel (Cloud service) is being used. It may not be required when a VIDIZMO Appliance or Enterprise is used.

1.4. VIDIZMO ID Connector Add-on

The VIDIZMO ID Connector Add-on is required to establish communication between the VIDIZMO Channel and the ID Connector. Please refer to the VIDIZMO knowledgebase article on How To Manage Add-ons to configure an Add-on in a Channel.

2. VIDIZMO ID Connector Components

VIDIZMO ID Connector comprises of two major modules explained in detail below: 

i. VIDIZMO Identity Sync Service

Identity Sync Service is a win32 service configured on the main server. This service appears under the Control Panel >> Administrative Tools >> Services section. The service must be running at all times and therefore its startup type should be set to Automatic.  

The VIDIZMO Identity Sync Service is responsible for synchronizing the active Users found in all the domains within the organization’s forest, with VIDIZMO Channel(s), VIDIZMO Enterprise or VIDIZMO Appliances by scanning all the Domains which are part of the forest.

Apart from Users, it also synchronizes the active Groups and Organizational Units (OU) available in each domain, which are later used by the VIDIZMO ID Website admin to provide mapping either b/w Group-Channel, OU-Channel or Domain-Channel.


Only AD Users belonging to the Group(s), OU(s) or Domain(s), that have been mapped to a Channel, can gain access to that Channel. If the administrator wants to remove an entire domain part of the forest from gaining access to a VIDIZMO Channel, they can do so by removing the mapping of the domain with that Channel. 

This service uses rules, found in the main database, to carry out synchronization and can be configured to run after an equal interval of time. The time interval can be set via ID Connector Website by going to Settings > Application Configuration section.

The illustration below shows how the ID Sync Service synchronizes users:

ii. VIDIZMO ID Connector Website

The AD Connector Website serves as the gateway for the users to gain access to VIDIZMO Channels. It is also used to authenticate and authorize users coming directly to VIDIZMO.  

The AD Connector Website is configured under IIS 7.0 and uses the same database used by the Identity Sync Service, and like the Identity Sync Service, it also depends on the AD or Domain for authenticating and authorizing users from the local AD and using the mappings in the database, allow access to VIDIZIMO.  

If a user belongs to the group specified in the Application Configuration section of the Application, the user would get access to configuration sections of ID Connector. These configuration options include:

- Application Configuration

This is the main and critical section within the ID Website used to configure the user account the ID Connector software is running under, as well as configuring the time interval when ID Connector synchronization service synchronizes all the users between AD and VIDIZMO.  Special consideration should be given when making modifications on this page.


If a user is not synchronized by VIDIZMO Identity Sync Service, for any reason, the website does a JIT (just in time) synchronization of that user to let the user have immediate access to VIDIZMO. 

- Database Configuration

This is yet another critical section of the ID Website which allows administrators to configure the database and set up a new one if required. The synchronization service as well as ID Connector website will use this database to carry out regular operations.

- Manage Channels

Manage Channels section allows administrators to view existing Channels that have been added and can be mapped to Groups, OUs and Domain(s) part of the forest. This also shows the total number of users who have been synchronized at VIDIZMO and therefore have gained access to that specific Channel.

- Channel Mapping

This is the section from where Channels can be mapped to an OU, Groups, and Domains. The site administrators can conveniently search for the required OU, Group or Domain from the list.

- Manage Users

Manage Users section lists all the users imported from the Active Directory, with the status displayed against each user. It also provides a convenient search and filtering option to find any user imported and its synchronized status.


This page will only show the users that have been imported from an AD. The import process has some filters configured such as Email Address, First Name, and Last Name, which may restrict the import of some users and therefore they may not appear in the list here.  

- Sync Log

This shows the log of the ID Service after every execution. Administrators can obtain information such as the number of users imported and synchronized with VIDIZMO etc.

The following illustration shows the overall working of the ID Connector Website when an AD authenticated user tries to access a Channel in VIDIZMO.


After the setup is complete, users belonging to the AD are able to access the ID Connector website which automatically signs-in and redirects the user to the VIDIZMO channel. Signed-in users have access to only those channels which are mapped by the Administrator.

3. ID Connector Installation & Configuration


3.1. Creating a Security Group and an AD User

The following sequence of steps will walk you through on how to set up a Security Group and an Active Directory (AD) user.

1. The first step is to create a Security Group in the Active Directory. 

Log in to your Domain Controller and open "Active Directory Users and Computers" to open the Active Directory window. Now, right click on the active directory and select New >> Group.

2. Enter the name of the group of your choice, select Group scope as Universal and Group type as Security. Then click on the OK button to proceed.

3. Next, create a separate new user in the Active Directory. For this, right-click on Active Directory and then select New >> User.

4. Enter a name for the user and click on the Next button.

5. In next window, enter a password and uncheck the "User must change password at next log-on" (highlighted below). Click on the Next button to continue.

6. When done, click on the Finish button. 

7. Now, right click on the user you have created and click on properties. On the window that appears, click on the Members Of tab, and then on the Add button.

8. Here, add the security group which was created earlier. Type the security group name and then click on Check Names. This step will verify the group name and bring it up in the window. Click on the OK button to continue.

3.2. Adding the User to the ID Connector Server

1. The next step is to add this user to Local Administrators Group on the server where the ID Connector is installed. To do this, follow the steps given below:

Note: To perform these steps, you need to login to the machine with the user having "Domain Admin" rights. 

i. Open Computer Management on the ID Connector Server. 

ii. Expand the Local Users and Groups.

iii. Select the Groups folder to open the list of groups.

iv. From the list, open on the Administrators group's properties window.

v. On the Administrators Properties window, click on the Add button.

vi. Clicking on the Add button opens another dialog box where you enter the name of that user was created earlier and which will be added to the Group.

vii. Click on the Check Names button to verify that the name exists in AD. The username will be displayed with the domain in brackets.

viii. Finally, click on the OK button to add the user to the Group.

2. Now, log out of this account.

3. Log in again to the machine with the new user to start the installation of ID Connector.

4. Another part of pre-requisite is to setup database using SQL Express. We assume that you will have created a database in SQL Express and you have enabled the Windows authentication mode in SQL so that the above windows user has the rights to access this database.

If the database is not created, you can use the ID Connector's Website to set up a new database. Please refer to the ID Connector Configuration section on setting up the Database from the ID Connector Website.

3.3 Installing the ID Connector

1. After logging into the machine with the created user, open the ID connector folder and run the ADSetup.exe file by selecting Run as Administrator.


VIDIZMO ID Setup requires elevated privileges, therefore on Windows Server 2008/2008R2, make sure to "Run it as Administrator" by right-clicking and selecting the option from there. 

If the setup is not run with elevated privileges, it may fail.

It is important that installation is performed in the same order as mentioned below.

2. A setup wizard is launched. 

First, it will install the Microsoft Enterprise Library 3.1, required for Vidizmo ID Connector to work properly. 

Click on the Next button to continue.

3. Click on the "I Accept.." License agreement checkbox to accept the agreement and review the system requirements. Clicking on the Next button as you proceed.

The system requirements are displayed next, except for Microsoft Visual Studio, these should be installed and configured before executing this installer.

4. Let the installer run its course. If you want to select custom features or select a different location to install ID Connector, then use the Browse button to change the install directory. 

Click on the Next button to continue when done.

5. The setup of Enterprise Library will finish. Uncheck the "Launch Enterprise Library 3.1..." checkbox and click Finish.


6. After successful installation of Enterprise Library, setup will automatically lunch VIDIZMO ID Connector Web installer as shown below. Click Next on the next screen.

7. After running a pre-requisite check for the AD Website, the following screen is displayed. Click Next if all the pre-requisite conditions are met.


IIS7 will require IIS 6 Compatibility pack for this test to pass and AD Website to set up. Please go back and install these pre-requisites if setup fails at IIS7 step.

Setup only checks for .NET Version 4 or later. If the future version of the framework is backward compatible, then it should still work with them.

8. Accept the License Agreement and then click on the Next button.

9. On the next step, you can either Create a new Website or Choose an Existing Website. Creating New Website is desired if the AD Website is being set up for the first time. Click on Create New Website.


Choosing existing website will overwrite ID Connector Website on existing folders. Using this is only recommended when the Administrator wants to overwrite an existing ID Connector Website. This is to avoid any existing configuration issues that are inherited in the ID Connector Website during the process.

Create New Website also creates a new Web Application Pool in the IIS, while choosing Existing Website reuses the existing Application Pool.

10. Enter the required information in each field. Enter the name of the site which will be created in IIS. In the HostHeader field, mention domain/subdomain which is pointing to this machine and can be resolved publicly over the internet.


Make sure host header configured is a publicly accessible domain name if the website will be accessed via the internet.  

If port 80 is already occupied, Administrator can choose a different port but will have to make sure any firewall restrictions do not restrict the user from accessing the website.

Click on the Browse button to locate the folder where the Website will be deployed. If the website is deployed in the folder other than wwwroot, make sure that the folder has Everyone read rights and is accessible by Everyone.

Once this information is provided, click Next to continue.  

11. In the next step, provide the user id, password and the email address of the user, the ID Connector software is set to run under. The ID must be in the format [Domain] \ [User]. The password field is an open field to show the administrator what is typed in.

This user will be configured to run the ID Website as well as ID Service. The user must be part of the forest that is set to be synchronized on VIDIZMO Channel. The same user is used to access the database, though user credentials can be altered from the Web Interface.

12. Now, the setup is ready to install ID Connector. 

Click on Install button to proceed.

13. Click on the Finish button. This will run post setup job for a while to make final changes in the ID Connector Service and the installed Web Application.
After the installation is completed, the setup will launch the installed ID Connector website for further configuration. This involves configuring the application by setting up the database and activating the service. 

The ID Website configuration is explained in section 3.4 Configuring the ID Connector.

14. After the installation completes, it will automatically open the ID Connector Webpage and prompt for username and password (as shown below).

15. The following screen indicates that you have successfully logged into the ID Connector Web Interface and the ID connector install is successful

3.4. Configuring the ID Connector

Now, in this section, we will cover the basic configuration required to make ID Connector work properly.

1. First, click on the Database Configuration, under Settings on the bottom-right corner of the page.

2.  On the next screen that opens, click Edit Database Configuration to start setting up the database.

3. Add the Database information. Set the server name to "localhost" as SQL was installed on the same machine. Then select "Windows Authentication" and enter the Windows credentials used in pre-requisites section. 

Finally, choose the Database created for the ID Connector in SQL.

4. Next, select  Application Configuration as shown in the highlighted text below.

5. Click on the  Edit button and a pop-up will appear for confirmation.

Click on the OK button to continue.

6. In this section, enter the name of the group created under which the Id Connector user was added. Also, make sure to enter the proper URLs of VIDIZMO host and Vidizmo Services (as highlighted below). 

In Sync Schedule, set the occurrence, date and time on which sync will run. Make sure Vidizmo Sync Service is set to "Activate".

When done, click on the  Update button.

These steps conclude the ID Connector configuration.

4. Usage

For further details on how to manage and use the ID Connector, click here on VIDIZMO ID Connector User Guide.


Administrator, Manager.


Subject: User

Action: Add, Update, Delete