Active Directory synchronization

Active Directory synchronization

 

Users stored in the company's Active Directory (or any other LDAP server) can be synchronized by the Verba database. It can be administered on the web interface under the Administration / Active Directory Synchronization menu item.

Multiple Active Directory Profiles can be set up in Verba so multiple AD servers, or users with different privileges can be synchronized. The profiles will always be executed in a configurable order, and each user will be processed by only one Active Directory Profile, so the Profile with the smaller sequence will process users read from multiple profiles.

The synchronization process might take long time (especially if there are many synchronized users) so it is scheduled to run once a day at 1 AM (the time can be changed). For testing purposes and urgent cases, the synchronization can be started on the web interface under the Administration / Active Directory Synchronization menu item.

LDAP Directory Information tab

LDAP Directory Information section
 

Configuration Parameter NameDescriptionSample Value

Description

The profile's talkative name Recorded Users
Enabled Disabled profiles will not be synchronized. Yes
Sequence Each user will be processed by only one Active Directory Profile, so the Profile with the smaller sequence will process users read from multiple profiles. 100
LDAP Host Host name of the AD / LDAP server. ad.mycompany.com
LDAP Port Port number of the AD / LDAP server. Default port is 389, Active Directory Global Catalog Forest-Wide port is 3268.  389
Character Encoding What character encoding should be used when reading from the AD / LDAP server. ISO-8859-1
LDAP User Distinguished Name or Domain User Name The full user name that Verba will use when connect to the AD / LDAP server. This account should have the proper privileges to read the synchronized users. For anonymous logon, leave it empty.  mycomp\verba_acc
LDAP Password The password that Verba will use when connect to the AD / LDAP server. For anonymous logon, leave it empty.  secret
LDAP User Search Base The DN of the container where the synchronized users can be found. Base DNs can be fetchedby the button next to the input field.  OU=Users,DC=mycomp,DC=com
LDAP Search Filter A valid LDAP Search expression that will be used to filter the entries under LDAP User Search Base. (&(objectclass=person)(memberOf=CN=Verba_Group,DC=yourdomain,DC=com))
Search Entry Fill it with either a simple string like 'Verba_Rec*' or with a valid LDAP filter like (CN=Verba_Rec*)
Search results will not be stored in the database neither will be used during the synchronization. It is just a tool you might use to find a valid full DN in the Active Directory. 
 

Synchronized LDAP Attributes Mapping section
 

Configuration Parameter NameDescriptionSample Value

Display Name

LDAP attribute name that stores the users' full name.

cn

Login ID LDAP attribute name that stores the users' full name. sAMAccountName
E-mail Address LDAP attribute name that stores the users' email address mail
Synchronize Phone Numbers If it is not turned on, Verba will not synchronized phone numbers. If the profile stores users who should not have phone numbers, then this setting should be turned on and no extension mapping should be set up. New extension mapping can be added by pressing the + button below.  
Extension Mapping / LDAP Attribute LDAP attribute name that stores the users' phone number or SIP address. telephoneNumber
Extension Mapping / Pattern to Match A regular expression that will be replaced. ^[sS][iI][pP]:(.*)$
Extension Mapping / Conversion Rule The regular expression in "Pattern to Match" setting will be replaced by this text or regular expression. $1

 

Test Connection section

This section can be used to quickly test wether the configuration is proper.

 

New Users' Properties tab

Properties listed on this tab will be set when a new user created and will not be automatically updated later.

New Users' Properties section

The basic user configuration can be set up here such as Password Generation, Language, Timezone, etc. Since these properties are not synchronized from the AD, these can be customized later for the individual users.

New Users' Rights section

What Verba rights should the newly created users have. Since Verba rights are not synchronized from the AD, these can be customized later for the individual users.

New Users' Groups section

In which Verba groups should the newly created users be members. Since Verba groups are not synchronized from the AD, these can be customized later for the individual users.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.