Connectors
Active Directory
The Active Directory provider in Data Sync is a read-write connector for Active Directory User and Contact objects.
Credentials
Your Windows Credentials to connect to your Active Directory, if blank then the current process/user credentials are used instead. To add them click on the ellipsis (...) to open the credentials window.
LDAPPath
The LDAP Path to your Active Directory can be a full LDAP path or server name.
- LDAP://dc=corp,dc=litware,dc=inc
- LDAP://dc01
UseSecureSocketsLayer
If your AD has SSL enabled you can connect using SSL by changing this to True by selecting the value from the drop down list.
LDAPFilter
The LDAP filter used to limit the results on the server side.
The default filter is set as (&(objectClass=User)(givenname=*)(sn=*)) this returns Active Directory Objects that are of type user have a givenname value and a sn value.
Group Filter
You can use an LDAP Filter to limit the results returned from Active Directory.
The LDAP filter below is an example filter that returns users that are members of the CRM Team Users Active Directory group
(&(objectClass=User)(memberOf=CN=CRM Team Users,CN=Users,DC=corp,DC=litware,DC=inc))
PageSize
The number of Active Directory objects to return in each query request default 1000.
SchemaClassName
Used when creating Active Directory objects specifies the type of object to create either User or Contact.
SchemaItemFormat
Used when creating Active Directory objects specifies how the Object Name is created, uses replacement tokens so that the name is created from values in the schema map for example $First Name$ $Surname$
Properties
The Properties collection contain all the Active Directory Properties that the connection will return. The connection includes a default set of properties and you can extend this list with your own custom Active Directory Attributes.
| Property | Description | Example |
|---|---|---|
| AdName | The name of the Attribute in Active Directory | employeeid |
| DataType | The DataType of the Attribute | System.String |
| ReadOnly | Specifies if this is attribute read-only and therefore not sent to Active Directory on Create and Update. |
False |
| TryParseValue | Specifies if Data Sync should try and parse the value to extract a friendly value. Should be false if your Updating this attribute. | False |
Adding properties requires that you refresh the Data Source Schema so they are displayed.
Update the Manager Attribute
To update the Active Directory Manager attribute first you need to change the default property value so that ReadOnly=False and TryParseValue=False
If you preview the Active Directory data you will now notice that the Manager attribute is returned in full Active Directory path format CN=Test User 2,OU=TestUsers,DC=internal,DC=simego,DC=com this is the format you need to supply to Active Directory.
You can do this several ways either via a Lookup to Active Directory and return the Distinguished Name property or build a function in Dynamic Columns to create the value you need.
Set User Password
You can set the Password on a user account via Project Automation using the .NET DirectoryEntry object that you can get via GetDirectoryEntry(string) method.
For example the code below runs in Project Automation AfterAddItem method to set a default password on the account.
public override void AfterAddItem(object sender, DataCompareItemInvariant item, object identity)
{
Trace.WriteLine("AfterAddItem->{0}", identity);
using(var entry = DataSourceB.GetDirectoryEntry(identity))
{
var uac = (int)entry.Properties["userAccountControl"].Value;
uac = uac | 0x10000; //Password never Expires
uac = uac & ~0x2; //Unlocked
entry.Properties["userAccountControl"].Value = uac;
entry.Invoke("SetPassword", "!password123");
entry.Properties["pwdLastSet"].Value = -1;
entry.CommitChanges();
}
}