Automic Workload Automation

Expand all | Collapse all

Sync automation engine with AD

  • 1.  Sync automation engine with AD

    Posted 06-12-2018 08:02 AM

    Hi all,

     

    I want to sync between automation engine and AD.

    I want that when a new user is created in AD the user will be automatically created in the automation engine.

    The main question is if I can create the user in a specific client according to what is defined in the AD department column.

    I have 20 clients and the names of the departments in my organization are numbers.

    For example, if a new user is created in AD and a department column is written 377, it will automatically be created user in 377 client.

     

    Thanks for your help

    Ivry



  • 2.  Re: Sync automation engine with AD

    Posted 06-12-2018 09:48 AM

    Hi Ivry,

     

     what you are probably looking for is the "LDAP sync":

     

    Automic 

     

    But not sure which Automation Engine version you are using, so you would need to check the compatibility first.

     

    Regards

    Jan



  • 3.  Re: Sync automation engine with AD

    Posted 06-13-2018 09:37 AM

    Hi Jan,

     

    My version is 11.2.4 and I use LDAP to login users to the system.

    The main question is if I can create the user in a specific client according to what is defined in the AD department column? If so, how to do this?

     

    Best regards,

    Ivry



  • 4.  Re: Sync automation engine with AD

    Posted 06-14-2018 12:21 AM

    Hey ivrilider611076


    For your version the highest you can go according to the compatibility check show is 1.0.9

     

     

    To simply put how the Ldapsync work is that base on your configuration, it will connect to the LDAP server and the AD group you specified.  Any user within that AD group will get a account created within AE (and whatever client you specified) if they don't have it already.

     

    For example in my own system a while back... 

    I had done so for Client 100 and it pull the list of user within AD ldap group "TEST.Support.NA"

     

    In the manual it had an example such as this:

    <GroupMappings>    <map ae="QA" ldap="g1" /> </GroupMappings>

    This just mean that in the AE its map to a usergroup call QA and its pulling info from the ldapserver group "g1"

     

    The link to the manual to set up the LDAPsync and its Client setting can be found here:

    Configuring LDAP Sync 

    Configuring Client Settings 

     

    This show the synchronization rules and different scenario/example 

     

    I don't work nor have access to the AD side, so I can't say what that AD department column would equate to.  But base on Ldapsync, it look mainly at the ldpa usergroup level.  Hopefully that give you some direction to go on, between example/link to the manual

     

    @AWA Community Member - If someone has used ldapsync + fimailar with the AD side, can you confirm ivrilider611076 questions?



  • 5.  Re: Sync automation engine with AD

    Posted 06-14-2018 10:19 AM

    Hey ivrilider611076.  I don't think it is possible to retrieve specific fields from AD.  We implemented this at my company and basically you have to create some mapping XML files.  This ties the Automic user group to an AD group name.  You then run a job which queries AD and looks at the AD groups identified and takes action for any of the members of those AD groups.  If you look at the users when they automatically get created they just display the First Name, Last Name and Email Address.  I've checked all the files I can think of and I don't see where this is specified anywhere.  But maybe we're just doing the defaults and there IS a way to do this.  

     

    I checked the help here and I don't see anything there either to retrieve the Department.

     

    We have multiple clients here as well.  And it's just a matter of creating a bunch of mapping files and it will create them in the appropriate client.  So there is some maintenance involved, but once you get it setup - it's awesome.