Working with Directory Services
The Business Importer can import data from directory services, such as Microsoft Active Directory, or Novell eDirectory. However, configuration and settings are quite unlike other drivers.
Credentials
ConnectionString
attribute using the following
format:Login=value;Password=value;AuthenticationType=value
AuthenticationType
are listed in the following table.
Because not all values are supported by all directory services, please check the
documentation for your directory service (for example, see https://msdn.microsoft.com/en-us/library/system.directoryservices.authenticationtypes%28v=vs.110%29.aspx).Authentication Type | Description |
---|---|
Anonymous
|
No authentication is performed. |
Delegation
|
Enables Active Directory Services Interface (ADSI) to delegate the user’s security context. |
Encryption
|
Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit. |
FastBind
|
Specifies there will be no attempt to query the Active Directory
Domain services |
ReadOnlyServer
|
For a WinNT provider, the Business Importer tries to connect to a domain controller. For Active Directory Domain Services, this flag indicates that a writable server is not required for a serverless binding. |
Sealing
|
Encrypt data using Kerberos. |
Secure
|
Requests secure authentication. This is the default value. |
SSL SecureSocketLayer
|
Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit. |
ServerBind
|
Used only if |
Signing
|
Verifies data integrity to ensure data received is the same as the data sent. |
None
|
Set to use basic authentication. |
Query structure
- A filter, defined in the
Query
attribute of theImport
element (see Query Attribute). - A comma-separated list of properties to read, defined in the
PropertiesToLoad
attribute of theImport
element (see Import Element.)
Query
attribute, each element must be
enclosed in parentheses. Expressions can use the relation operators <
,
<=
, =
, >=
, >
.
Examples:(objectClass=user)
(lastName>=Davis)
Compound expressions are
formed with the prefix operators &
and |
(logical-AND
and logical-OR).
Examples:(&(objectClass=user)(lastName= Davis))
(&(objectClass=printer)(|(building=42)(building=43)))
Additional parameters
server timeout
,
searchscope
, sizelimit
, and so on). Usually, there is no
need to modify the default values set by the connector. pagesize
attribute must be set to
-1
.ADSI example
<Import
Name="ADUser"
Type="ADSI"
ConnectionString=""
Query = "(&(objectCategory=user)(objectClass=person)(mail=*))"
Properties="distinguishedname,sn,cn,givenname,c,company,
department,division,displayName,employeeID,EmployeeNumber,
mail,manager,middleName,mobile,title,telephoneNumber,
SAMAccountName">
<Log Name="NewLog"
Output="file"
Loglevel="warning"
filename="[DATE][TIME][IMPORT NAME].log.txt">
</Log>
<Object Name="Location"
Type="Location"
Output="locationid1"
Update="false"
Create="True">
<Property Type="groupCN"
Name="Name"
Update="No Update"
Value="distinguishedname"
ValueType="FieldValue"
UseForMatching="True"
Regex="(?<=OU=).*?(?=,)"
RegexOrder ="reverse">
</Property>
<Property Type="groupexid"
Name="ID"
Update="No Update"
Value="locationid1"
ValueType="FieldValue"
UseForMatching="true"
MatchingMask="[value]%."
MatchingMode ="like"
UseNullValueForMatching="removeproperty">
</Property>
</Object>
<Object Name="Compliance Domain"
Type="compliancedomain"
Output="compliancedomainoutid"
Update="False"
Create="True">
<Property Name="Qualified Name"
Type="QualifiedName"
Update="Never"
Value="distinguishedname"
ValueType="Field Value"
UseForMatching="false"
Regex="(?<=DC=).*"
RegexReplace=",DC="
RegexReplaceBy= ".">
</Property>
<Property
Name="Flat Name"
Type="flatname"
Update="Never"
Value="distinguishedname"
ValueType="Field Value"
UseForMatching="true"
Regex="(?<=DC=.*DC=).*?(?=,DC=)">
</Property>
</Object>
<Object
Name="User"
Type="user"
Output="useroutid"
Update="true"
Create="True">
<Property Name="User Name"
Type="username"
Update="Always"
Value="cn"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="EmployeeNumber"
Type="employeenumber"
Update="Always"
Value="EmployeeNumber"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="FirstName"
Type="firstname"
Update="Always"
Value="givenname"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="MiddleName"
Type="middlename"
Update="Always"
Value="middleName"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="LastName"
Type="lastname"
Update="Always"
Value="sn"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="JobTitle"
Type="jobtitle"
Update="Always"
Value="title"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="BusinessPhoneNumber"
Type="BusinessPhoneNumber"
Update="Always"
Value="telephoneNumber"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="MobilePhoneNumber"
Type="MobilePhoneNumber"
Update="Always"
Value="mobile"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="Locationid"
Type="locationid"
Update="Always"
Value="locationid1"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="Email"
Type="Email"
Update="Always"
Value="mail"
ValueType="Field Value"
UseForMatching="False">
</Property>
<Property Name="SAMAccountName"
Type="SAMAccountName"
Update="Always"
Value="SAMAccountName"
ValueType="Field Value"
UseForMatching="True">
</Property>
<Property Name="ComplianceDomainID"
Type="ComplianceDomainID"
Update="Always"
Value="ComplianceDomainoutID"
ValueType="Field Value"
UseForMatching="False">
</Property>
</Object>
</Import>
FlexNet Manager Suite (On-Premises)
2023 R2