The AeriesNetConnections.config file on the Aeries web server provides the list of databases that are available on the Aeries Sign-In screen. The database that is set as the default Database Group and default Year in the AeriesNetConnections.config file must be the database that is set up with the Google Authentication information. Typically the default database is the current year database.
In the below example the 2016-2017 AeriesDemo database is the Default database, and in this database the Google Identity Provider settings and user accounts will be configured.
<?xml version="1.0" encoding="utf-8"?> <AeriesNetConnections> <DatabaseGroup id="Aeries Demo" Default="True"> <Year id="2016-2017" Default="True"> <Server><![CDATA[MyServer]]></Server> <Database><![CDATA[DST16000AeriesDemo]]></Database> <UserID><![CDATA[AeriesNetUser]]></UserID> <Password><![CDATA[test]]></Password> </Year> <Year id="2015-2016"> <Server><![CDATA[MyServer]]></Server> <Database><![CDATA[DST15000AeriesDemo]]></Database> <UserID><![CDATA[AeriesNetUser]]></UserID> <Password><![CDATA[test]]></Password> </Year>
Identity Provider Configuration
After the Google API Console has been configured, log into Aeries with an administrator account. Navigate to the Identity Provider Configuration screen. It can be found under School Info | Configurations in the navigation menu.
At the bottom of the Identity Providers Configuration page is an important reminder that logging out of Aeries will not necessarily protect against unauthorized access into the system. Please ensure that users who log into Aeries through an identity provider know what steps to take to keep their Aeries login secure.
Copy and paste the Google Client ID and Client Secret you obtained from the Google API Console into the Identity Provider Configuration screen. If you are enabling Google Authentication for student accounts, you must also enter at least one student domain. This domain may be your district domain, but also may be something like gmail.com. Make sure to click the respective check boxes to enable access to either students or admin users/teachers.
Now click the Save button to save the changes. A message will display above the Google Connection Settings indicating that the options were saved. The message indicating that the changes were saved is a temporary message and not stored in the system. If the page is refreshed, the message will no longer display.
Once the Identity Provider Configuration screen has been set up, the Google accounts will need to be added to Aeries and/or existing users will need to be updated to use Google Authentication. This is done in the Security | Users page. A link to the Security Users page is also available from within the Identity Provider Configuration page.
Add new users or update existing Aeries users to Google authentication
The Identity Provider field will identify the account as either a regular Aeries account or a Google-authenticated account. When creating Google-authenticated accounts, enter the full Google email address in the User Name field. The Password fields will be grayed-out for Google-authenticated accounts since the passwords are managed through Google.
Note: remember to set up the appropriate Permissions, Group Associations and School Access for the Google-authenticated users as you normally would for Aeries users.