RFL200152: Importing users from Active Directory

Created 24 Mar 2016 by Scott Keatinge, edited by Alex Graf

Importing users from Active Directory

 

To import users from Active Directory into RayFlow 2.1, first log into RayFlow as a RayFlow administrator, go to Administration > Users, and then press the [Import Users through Active Directory Services] button:

 

Active Directory Import Settings

LDAP filter: LDAP query that will search the targeted container/object and all sub-objects.

  • Requires at least the name of the domain, which can be in NetBIOS or FQDN format.

        test-domain or test-domain.local

  • This field also accepts an LDAP query in the distinguishedName format, as displayed by the DSQUERY command.

        test-domain.local/OU=<OU Name>,DC=<Domain Name>,DC=<TLD>

Domain: Does not work at this time.

Doman credentials: A domain user that has at least read permission to Active Directory.

 

 

 

 

Searching the root of the domain:

LDAP Filter: test-domain

 

 

Searching an Organisational Unit:

LDAP Filter: test-domain.local/OU=RayFlowTestOU,OU=Raynet,DC=test-domain,DC=local

 

 

Searching a Group:

LDAP Filter: test-domain/CN=Users,DC=test-domain,DC=local

 

 

 

 

Importing the AD users: Select the users that you wish to import, specify the project(s) that they should be assigned to, specify their initial RayFlow password (used only if these users have their AD integration associated removed), and then press the [IMPORT SELECTION] button.

 

You are now in a position to add the imported users to one or more RayFlow groups:

 

 

 

 

Important

 

Due to a recently identified issue, you will need to edit the imported users and correct their Domain value, as the import currently uses the CN or OU value that is immediately after the ‘/’ character within the LDAP query. 

 

 

Automated importing users from Active Directory

 

The entire process of importing users from Active Directory into RayFlow can be efficiently automated through a customized PowerShell script (PS1).

 

Important

This script template can be tailored to meet customer specific requirements.

Customizing the script template will be done according to each customers specific needs. This ensures that individual requirements are accommodated, and the import process is optimized accordingly.

By regularly running the PS1 script on the server, a continuous update and management of users within RayFlow are ensured. This enables efficient and timely maintenance of user accounts, without requiring manual intervention by the administrator.

 

Overall, automation through the PS1 script provides a time-saving and reliable solution to streamline user import and management in RayFlow, significantly reducing administrative efforts.

 

 

 

 

Comments

Powered by Zendesk