ClassLink Support Docs

ClassLink Support Documentation

Welcome to the ClassLink Support Docs page. You'll find comprehensive guides and documentation to help you start working with ClassLink as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Active Directory Integration

This page will assist you with fulfilling the requirements for integrating your network with ClassLink on Windows Server (versions 2008 through 2012R2) for Microsoft Active Directory. Integrating your network will allow you to utilize your existing user credentials and even access your home folders and network shares from My Files.

We require a new dedicated virtual machine or server for running the ClassLink web service. We will not install the web service to a server that is running other roles.

Once the server and firewall rules are ready, ClassLink will complete the setup via a screen-sharing session with a member of the school district.

Requirements

Server Hardware (physical or VM)

  • CPU: At least 2vCPUs VM; 2.0 GHz o32-bit (x86) or 64-bit (x64)
  • RAM: At least 4 GB Minimum
  • HDD: At least 40 GB free space

Server Software/Roles

  • Operating System: Windows Server 2008/R2 or 2012/R2; domain member server
  • Roles: Internet Information Services (IIS)
  • All latest Windows updates installed

Server Network(**)

  • Public IP Address:mapped to web server's internal IP over port 443 (https requires a valid SSL certificate- a .pfx file imported in IIS)
  • External and Internal DNS Record: A DNS "A" record must be assigned to the webserver on a public DNS provider (pointing to external IP address used) and on the internal DNS (pointing to internal IP address of webserver)
  • Optional* HTML5 Gateway. Additional Public IP Address: mapped to web server's secondary internal IP over port 443 for HTML5 Gateway (iOS/Android devices)
    • Optional* SSH Gateway. Public IP Address: mapped to web server's internal IP over port 222 JavaSSH (secure RDP)

*For terminal server application provisioning. All 3 services can function on the same server however authentication and html5 gateway need separate public IPs and separate NICs to function. SSH can re-use an ip.

**Firewall rules must be set to accept traffic from all sources

Firewall rules must be created prior to setup. Note: ClassLink server in DMZ is optional

HTML5 gateway is optional if you wish to deliver Windows apps remotely via Terminal Servers (RDS).

DMZ Firewall (optional)

Direction
Source
Destination
TCP Ports

Outside to DMZ

Any

ClassLink Server

443 TCP

DMZ to inside

ClassLink Server

AD Server

TCP/UDP 389 : LDAP
TCP/UDP 53 : DNS
TCP 3268
UDP 138
TCP/UDP 445
TCP 636
TCP 3269
UDP 123
TCP & UDP 88
UDP 137

DMZ to inside

ClassLink Server

Terminal Servers

3389 TCP

DMZ to File Server

ClassLink

File Server

TCP 135 : MS-RPC
TCP 1025 & 1026 : AD Login
& Replication
TCP 445 : SMB, MS-DS
TCP 139 : SMB
UDP 137 & 138 : NetBIOS
UDP 88 : Kerboros v5

Active Directory Integration