Clarity Service Management

Expand all | Collapse all

Active Directory Integration

  • 1.  Active Directory Integration

    Posted 05-15-2017 04:05 AM

    I have integrated CA EEM with Microsoft Active Directory and able to get all the data .

    Now when i'm syncing the COntacts in CA Asset Portfolio Management, the only contact details I'm getting is the User First Name Last Name and UserID.

    I checked the Import File Created for this and only this detail is coming in that.

     

    Can anyone put some light where can we make changes so that the fields like Telephone Number, Manager Name, Email, Location etc get available in the Import File?

    As per my understanding, this has to be changed in CA EEM maybe.

     

    Regards,

     

    Sahil



  • 2.  Re: Active Directory Integration

    Posted 05-16-2017 08:48 AM

    CA EEM has OOTB Field Mapping with Active Directory and only the following fields are forwarded to APM:

     

    However, in case where custom attributes are required to be fetched from Active Directory, there is a workaround available to do this.

    In CA EEM go to Configure>User Store>LDAP Attribute Mapping

    Click Save as and Save the Map with a new name.

    In this new Map, Map your custom Attributes to the Fields as mentioned above.

    For Example, Map Division to Company

    Now in CA APM, You can change the Destination which is Contact.Company.Company Name to Contact's Division FIeld.

     

    The Information Reflected in CA EEM would be Division for Company But In APM You can Get the Correct Information.

     

    If anyone has a Better Solution to this, Kindly Share.

     

    Regards,

     

    Sahil



  • 3.  Re: Active Directory Integration

    Posted 05-31-2017 08:04 AM

    Another Update on this.

     

    A lot of times, organizations want the Manager Name be Available in the Contact Record fetched from Active Directory so that it's easy to fetch all those information in the Asset Record..

    The Challenge is that the Manager Name is a Reference Field in Active Directory and if we fetch the Manager Name, the data comes as the DistinguishedName (DN) of the Manager like CN=xxxx, OU=users, OU=Accounts, DC=xyz,DC=com.

    The Manager Name is expected simply to be the Name of the Manager which is called the CannonicalName (CN) in the Active Directory.

     

    One Approach to deal with this is to Map this field in the Ca_contact Record with a new attribute let's say manager. 

    Now everytime you run the LDAP Import Sync, it will fetch the value for this attribute manager which is the DN and can't be changed at the AD level because that 's how AD's architecture is.

     

    Because the CA Mdb doesn't allow to write new triggers at the DB level.

    To deal with this, we can write a Stored Procedure in the MDB and schedule it to run every 12 hours let's say, because the Active Directory Sync is run Once a day  as a Best Practice.

    The Following Stored Procedure query will extract the CN part from the DN of Manager:

     

     

    Update ca_contact
    set manager=Left(manager, CHARINDEX(',',manager)-1)
    where manager like 'CN=%'

    # This will Set the manager attribute to everything before the first Comma(,) and -1 at the end of the query will trim the comma as well.

    #The Result after running this query with manager attribute equal to  CN=xxxx, OU=users, OU=Accounts, DC=xyz,DC=com is CN=xxxx


    Update ca_contact
    set manager= SUBSTRING(manager,4,20)
    where manager like 'CN=%'

    #This Will take the CN= off the data in the manager attribute which in the Previous query was set to  CN=xxxx and the final result in the manager field is xxxx which is the CN of the Manager.

     

     

    I'm sure there are many other ways to deal with this.

     

    Regards,

    Sahil