Our Directory Service Integration is available to districts using any LDAP version of Directory Services.
School Loop uses LDAP to create a secure authentication process with your directory services (for instance, Active Directory). Via a secure web service, users will login with the user name and password assigned by you. All policies and practices relating to user names and passwords are managed through your directory services. An added benefit is that each time a user logs in to School Loop using their Active Directory credentials, their first name, last name, email address, and login name listed in their School Loop account automatically syncs with their AD account. This syncing also occurs whenever the activate user list (discussed below) is opened. For student accounts, there is an option to disable syncing of email addresses, which allows students to use an email address of their choosing with their School Loop account.
The secure User Web Service that is installed on a district server acts as an intermediary between School Loop and the district's Directory Services server. School Loop can query the web service for user name and password authentication, and the web service will respond with "true" or "false" as to whether those login credentials are correct. Prior to this authentication, however, Directory Service users must be "activated" in the School Loop system, via the Activate Users interface. Teacher, Student, and Staff users are activated separately, and each group of users has its own activation page.
The activation page for teachers queries the web service for all Directory Service users whose "department code" matches the school code. Each matched user's employeeID is then compared to the teacher-IDs from the latest data import from your Student Information System (Data imports from the SIS is a separate process known as Sloopy). Users whose employeeID attributes match a known teacherID are then displayed for activation. Student users are matched similarly using the studentID attribute. No ID number is imported for all other staff, so those users are matched by user-name. If the user-name is already activated in School Loop in a staff role, that user's account is synchronized with your Directory Service; once synchronized, the user must use his or her Directory Service password to login (the local School Loop password will no longer work). If the user-name is not active or does not exist, the user is presented with a drop-down list of roles; selecting a role and clicking submit activates the user. If the user-name already exists in a non staff role (for example a parent user), a warning message is displayed and no action is taken.