User Data Synchronization
In yuuvis® RAD, user and user group data can be synchronized automatically with directory services. The yuuvis® RAD organizational structure is synchronized with the directory service by the operation 'Import organization', which is given a configuration file. The operation itself is configured through configuration files.
Synchronization can change users and groups. Check the effects of such changes before importing, especially for users who are assigned in business processes; the SIMULATION action mode described below exists for this purpose.
OPTIMAL SYSTEMS provides the following configuration files for the configuration of the synchronization via the LDAP network protocol in the core service directory standalone\configuration\ldap-ad-sync-templates:
-
ad.properties
Connection file in which the connection data for the directory service is entered.
This data is required by both the user import and the group and user import.
-
user-synchronization-config.xml
File for user import: All users are imported without groups.
-
usergroup-synchronization-config.xml
File for group and user import: User groups are imported with the users contained within them.
Make the following changes in the configuration files:
Enter the connection data for the directory service with the service user and its password as shown in the example. The connection file holds the bind password in cleartext, so restrict read access to the account that runs the import. Note also that 'Simple' authentication over a plain ldap:// URL transmits that password unencrypted across the network.
java.naming.provider.url=ldap\://10.1.4.160\:389
java.naming.security.authentication=Simple
java.naming.security.principal=username@activdirectory.de
java.naming.security.credentials=password
java.naming.ldap.attributes.binary=objectGUID
The group and user import file can reference multiple *.properties connection files, one per 'domain' section.
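As an added check (not part of the yuuvis® RAD documentation or product), the following Python script parses an ad.properties connection file using the usual Java .properties escaping rules (which is why the documented URL is written ldap\://host\:389) and flags two points a reviewer of this file should confirm: 'Simple' authentication over a plain ldap:// URL, which sends the bind password unencrypted, and a cleartext password in a file readable by other local accounts. The sample content is constructed from the example above. Whether the importer accepts an ldaps:// URL is not stated in this documentation and must be verified before changing the URL.

```python
"""Audit an ad.properties connection file (added example, not yuuvis RAD code)."""
import os
import stat
from urllib.parse import urlsplit

# Constructed sample equivalent to the documented example (placeholder password).
SAMPLE_PROPERTIES = r"""
# connection data for the directory service
java.naming.provider.url=ldap\://10.1.4.160\:389
java.naming.security.authentication=Simple
java.naming.security.principal=username@activdirectory.de
java.naming.security.credentials=password
java.naming.ldap.attributes.binary=objectGUID
"""

_ESCAPES = {"t": "\t", "n": "\n", "r": "\r", "f": "\f"}


def _unescape(s: str) -> str:
    """Resolve Java .properties escapes: '\\:' -> ':', '\\=' -> '=', '\\\\' -> '\\', \\t etc."""
    out, i = [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            out.append(_ESCAPES.get(s[i + 1], s[i + 1]))
            i += 2
        else:
            out.append(s[i])
            i += 1
    return "".join(out)


def parse_java_properties(text: str) -> dict:
    """Parse key/value pairs the way java.util.Properties does (single-line values only)."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":          # comment lines start with '#' or '!'
            continue
        i, key = 0, []
        while i < len(line):                     # key ends at first unescaped '=', ':' or blank
            if line[i] == "\\" and i + 1 < len(line):
                key.append(line[i:i + 2])
                i += 2
                continue
            if line[i] in "=: \t":
                break
            key.append(line[i])
            i += 1
        rest = line[i:].lstrip(" \t")
        if rest[:1] in ("=", ":"):
            rest = rest[1:].lstrip(" \t")
        props[_unescape("".join(key))] = _unescape(rest)
    return props


def audit_connection(props: dict, file_mode=None) -> list:
    """Return findings about how the bind credentials are stored and transmitted."""
    findings = []
    scheme = urlsplit(props.get("java.naming.provider.url", "")).scheme.lower()
    auth = props.get("java.naming.security.authentication", "").lower()
    if auth == "simple" and scheme == "ldap":
        findings.append("simple bind over ldap:// sends the service password in cleartext on the wire")
    if props.get("java.naming.security.credentials"):
        findings.append("bind password is stored in cleartext in the connection file")
        if file_mode is not None and file_mode & 0o077:
            findings.append("connection file is readable by group or others (mode %o)" % (file_mode & 0o777))
    return findings


def audit_file(path: str) -> list:
    """Audit a real ad.properties file together with its permission bits."""
    with open(path, encoding="latin-1") as fh:   # .properties files are ISO-8859-1 by definition
        props = parse_java_properties(fh.read())
    return audit_connection(props, stat.S_IMODE(os.stat(path).st_mode))


if __name__ == "__main__":
    for finding in audit_connection(parse_java_properties(SAMPLE_PROPERTIES), 0o644):
        print("-", finding)
```

Run audit_file("standalone/configuration/ldapsync/ad.properties") against the deployed file; the mode check is POSIX-style and is skipped when no mode is supplied.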
user-synchronization-config.xml: The configuration determines all users located under 'rootPath', including users from nested groups (groups within groups) created under 'rootPath'.
The result is a flat list of the users found there that also meet the filter criteria. They are imported into the yuuvis® RAD group specified by the 'initialparent' parameter.
Change entries and values in the following lines:
-
connectionPropertiesFilename
(Configuration setting) The name and storage location of the connection file are entered as the value. The storage location is relative to the configuration directory.
<setting name="connectionPropertiesFilename" value="ldapsync/ad.properties"/>
-
rootPath
(Action parameters) The path within the directory tree from which the data is imported.
<parameter name="rootPath">OU=Entwicklung-QS-Dokumentation,OU=OS Berlin,OU=OS Standorte,DC=dev,DC=optimal-systems,DC=de</parameter>
-
initialparent
The path within the organizational structure of yuuvis® RAD under which the users are classified.
<initialparent name="LDAP"/>
-
password
(User accounts) Password for all newly imported users. The same initial password is assigned to every newly imported user and is stored in cleartext in this file.
<password>optimal</password>
-
deactivatedobjectsparent
Group to which users are moved when the import would remove them but they must be retained in yuuvis® RAD for data consistency. Example: users recorded as editors in the history of objects are not deleted but moved to the group named here.
If such users appear in the import data again, they are removed from this group automatically.
<deactivatedobjectsparent name="not_yet" />
The specified group must not be affected by other synchronizations.
-
SIMULATION / NORMAL
(Action mode) Simulation: the import data is determined and written to the report; nothing is imported.
Normal: the import is carried out.
-
classmapping
In this section, attributes from the directory service are mapped to yuuvis® RAD user attributes. The preconfiguration should only be changed after consultation.
Mappings can be supplemented with prefix and postfix values.
Example: <fieldmapping sourceName="sAMAccountName" targetName="sysname" prefix="" postfix="@test.org"/>
usergroup-synchronization-config.xml: The configuration determines all groups and users located under 'rootPath' that also meet the filter criteria. The group structure of the directory service is thus reproduced in yuuvis® RAD.
They are imported into the yuuvis® RAD group specified by the 'initialparent' parameter.
Change entries and values in the following lines:
-
domain
Multiple 'domain' sections with different parameters and different *.properties connection files can be created.
-
connectionPropertiesFilename
(Configuration setting) The name and storage location of the connection file for this domain are entered as the value. The storage location is relative to the configuration directory.
<setting name="connectionPropertiesFilename" value="ldapsync/ad.properties"/>
-
rootPath
(Action parameters) The path within the directory tree from which the data is imported.
<parameter name="rootPath">ou=OS Standorte,DC=optimal-systems,DC=de</parameter>
To import data from different branches of the directory tree, use the <domain name="name"> tag to create additional domains, each with its own rootPath and parameters. Data is imported only if all domains are valid.
-
groupNames
(Action parameters) The groups under rootPath whose data is to be imported by a group import.
<parameter name="groupNames">OS-Hannover; OS-Wien; OS-Hamburg; OS-Stuttgart; OS-Bielefeld; OS-München; OS-Jena; OS-Schweiz; OS-Hamburg; OS-Konstanz; OS-BERLIN</parameter>
A space used as the first or last character of a group name must be masked with a backslash (\).
-
initialparent
The path within the organizational structure of yuuvis® RAD under which the groups are classified.
<initialparent name="LDAP"/>
-
password
(User accounts) Password for all newly imported users; the note given for the user import applies here as well.
<password>optimal</password>
-
danglingobjectsparent
Group to which users are moved whose directory service group is removed by the import.
<danglingobjectsparent name="LDAP"/>
-
deactivatedobjectsparent
Group to which users are moved who are removed by the import but must be retained in yuuvis® RAD due to data consistency.
If users are part of the import data again, they are automatically removed from this group.
<deactivatedobjectsparent name="default-suborganisation" />
The specified group must not be affected by other synchronizations.
-
SIMULATION / NORMAL
(Action mode) Simulation: the import data is determined and written to the report; nothing is imported.
Normal: the import is carried out.
-
classmapping
In this section, attributes from the directory service are mapped to yuuvis® RAD user attributes. The preconfiguration should only be changed after consultation.
Mappings can be supplemented with prefix and postfix values.
Example: <fieldmapping sourceName="sAMAccountName" targetName="sysname" prefix="test.local\" postfix="@test.org"/>
Postfix values are useful in particular when connecting LDAP directory services, for example to append a domain suffix to the login name as in the example above.
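The following Python helpers are an added example, not code from yuuvis® RAD. They show how a groupNames parameter and a <fieldmapping> behave under the rules stated above: names are separated by semicolons, a leading or trailing space is masked as '\ ', and prefix and postfix are concatenated literally around the source attribute value (an assumption; how the product treats a backslash inside prefix is not documented here). The helper also reports duplicate names, which the documented example list contains (OS-Hamburg appears twice).

```python
"""Helpers for the groupNames parameter and <fieldmapping> (added example, not yuuvis RAD code)."""

# Constructed sample: the documented groupNames value, plus one with masked spaces.
DOC_GROUP_NAMES = ("OS-Hannover; OS-Wien; OS-Hamburg; OS-Stuttgart; OS-Bielefeld; OS-München; "
                   "OS-Jena; OS-Schweiz; OS-Hamburg; OS-Konstanz; OS-BERLIN")
MASKED_GROUP_NAMES = "\\ Leading; Trailing\\ ; Plain;   Both\\ \\ ; \\ Wrapped\\ "


def _trim_unmasked(part: str) -> str:
    """Strip surrounding whitespace, but keep a trailing space that is masked by '\\'."""
    part = part.lstrip()
    while part.endswith((" ", "\t")) and not part[:-1].endswith("\\"):
        part = part[:-1]
    return part.replace("\\ ", " ")              # unmask: '\ ' -> ' '


def parse_group_names(value: str) -> list:
    """Split a groupNames parameter into group names, honouring '\\ ' masking at the ends."""
    names = []
    for part in value.split(";"):
        name = _trim_unmasked(part)
        if name:
            names.append(name)
    return names


def find_duplicates(names: list) -> list:
    """Return names that occur more than once, in first-occurrence order."""
    seen, dups = set(), []
    for name in names:
        if name in seen and name not in dups:
            dups.append(name)
        seen.add(name)
    return dups


def apply_field_mappings(entry: dict, mappings: list) -> dict:
    """Apply <fieldmapping> rules to one directory entry.

    mappings: (sourceName, targetName, prefix, postfix) tuples; assumption: the
    target value is prefix + source value + postfix, concatenated literally.
    """
    out = {}
    for source, target, prefix, postfix in mappings:
        if source in entry:
            out[target] = f"{prefix}{entry[source]}{postfix}"
    return out


if __name__ == "__main__":
    names = parse_group_names(DOC_GROUP_NAMES)
    print(len(names), "groups, duplicates:", find_duplicates(names))
    print(parse_group_names(MASKED_GROUP_NAMES))
    # constructed directory entry; mapping taken from the documented example
    print(apply_field_mappings({"sAMAccountName": "jdoe", "mail": "j.doe@example.org"},
                               [("sAMAccountName", "sysname", "test.local\\", "@test.org")]))
```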
User Data Synchronization with Filter Expressions
LDAP synchronization can be parametrized with filter expressions in both configuration files of the user data synchronization. Only data that matches the filters is imported.
The filters are configured with the following XML setting under the <common> tag; shown here as a minimal, well-formed file:
<?xml version="1.0" encoding="UTF-8"?>
<synchronization>
<configuration type="Active Directory">
<common>
<setting name="filterExpression.<number>" value="(&amp;(objectCategory=person)(objectClass=user))"/>
</common>
</configuration>
</synchronization>
Several filter expressions can be entered, but each <number> must be unique. Example:
<setting name="filterExpression.1" value="(|(objectCategory=organizationalUnit)(objectCategory=group))"/>
<setting name="filterExpression.2" value="(&amp;(objectCategory=person)(objectClass=user))"/>
The filters are evaluated one after another and their result sets are combined. Special characters in a filter must be written as XML entities, i.e. & as &amp; and < as &lt;; a bare & in the value makes the configuration file malformed XML.
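The following Python script is an added example (not part of yuuvis® RAD) that loads the filterExpression.<number> settings from a synchronization configuration with the standard library, rejects duplicate numbers, shows why a bare & breaks the file, and runs a minimal RFC 4515 syntax check on each filter. The sample configuration is constructed from the two filters above.

```python
"""Validate filterExpression settings of a synchronization config (added example, not yuuvis RAD code)."""
import re
import xml.etree.ElementTree as ET

# Constructed sample: the two documented filters, with '&' written as &amp; as XML requires.
SAMPLE_CONFIG = """<?xml version="1.0" encoding="UTF-8"?>
<synchronization>
  <configuration type="Active Directory">
    <common>
      <setting name="filterExpression.1" value="(|(objectCategory=organizationalUnit)(objectCategory=group))"/>
      <setting name="filterExpression.2" value="(&amp;(objectCategory=person)(objectClass=user))"/>
    </common>
  </configuration>
</synchronization>
"""
# The same file with a bare '&', i.e. an LDAP filter pasted in verbatim.
BROKEN_CONFIG = SAMPLE_CONFIG.replace("&amp;", "&")

_FILTER_RE = re.compile(r"^filterExpression\.(\d+)$")
_ITEM_RE = re.compile(r"[^()=~<>]+(~=|>=|<=|=)[^()]*")   # attr, operator, value (no bare parens)


def load_filter_expressions(xml_text: str) -> dict:
    """Return {number: filter} for the filterExpression.<number> settings under <common>.

    Raises ValueError if the XML is not well-formed or a number is used twice.
    """
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"not well-formed XML (unescaped '&' or '<' in a filter?): {exc}") from exc
    filters = {}
    for setting in root.iterfind("./configuration/common/setting"):
        match = _FILTER_RE.match(setting.get("name", ""))
        if not match:
            continue
        number = int(match.group(1))
        if number in filters:
            raise ValueError(f"filterExpression.{number} is defined twice")
        filters[number] = setting.get("value", "")   # ElementTree has already turned &amp; into &
    return filters


def _parse_filter(s: str, i: int):
    """Parse one parenthesised filter starting at s[i]; return (next index, error or None)."""
    if i >= len(s) or s[i] != "(":
        return i, f"expected '(' at position {i}"
    i += 1
    if i >= len(s):
        return i, "unterminated filter"
    if s[i] in "&|":                                  # and / or: one or more nested filters
        i += 1
        count = 0
        while i < len(s) and s[i] == "(":
            i, err = _parse_filter(s, i)
            if err:
                return i, err
            count += 1
        if count == 0:
            return i, "empty and/or filter"
    elif s[i] == "!":                                 # not: exactly one nested filter
        i, err = _parse_filter(s, i + 1)
        if err:
            return i, err
    else:                                             # simple item such as objectClass=user
        j = s.find(")", i)
        if j == -1:
            return i, "missing ')'"
        if not _ITEM_RE.fullmatch(s[i:j]):
            return i, f"invalid filter item '{s[i:j]}'"
        i = j
    if i >= len(s) or s[i] != ")":
        return i, f"expected ')' at position {i}"
    return i + 1, None


def check_ldap_filter(expr: str):
    """Minimal RFC 4515 syntax check; returns None when OK, else a description of the problem."""
    pos, err = _parse_filter(expr, 0)
    if err:
        return err
    if pos != len(expr):
        return f"trailing characters after position {pos}"
    return None


if __name__ == "__main__":
    for number, expr in sorted(load_filter_expressions(SAMPLE_CONFIG).items()):
        print(f"filterExpression.{number}: {expr} -> {check_ldap_filter(expr) or 'ok'}")
    try:
        load_filter_expressions(BROKEN_CONFIG)
    except ValueError as exc:
        print("rejected:", exc)
```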