TABLE OF CONTENTS


Introduction

The AD connector is used to pull in data from Active Directory. The AD connector consist of the following panels:

  • AD Discovery Status
  • Import User Options
  • User Update Options
  • Import Machine Options
  • Machine Update Options
  • Application Update Options
  • Troubleshooting




An Administrator has the ability to toggle each of the panels available OFF/ON



AD Discovery Status

The table below provides information on the elements within this panel.


UI ElementDescription
Run AD Discovery NowA button to allow an Admin to run the AD Discovery sync now.
Schedule AD Discovery #1Specify the times to run the AD Discovery.
Schedule AD Discovery #2Specify the times to run the AD Discovery.
Last Discovery DateDisplays the last time the AD Discovery ran successfully. 
DomainThe 'Friendly' name of the Domain as it appears on the User Migration grid. For example 'Global'.
Distinguished NameThe distinguished name of the Domain as it appears in the AD properties. For example DC=Global,DC=COM.
Emails Logs ToList of email addresses to email a copy of the import log at the end of the sync. Use ; for multiple list for example t@blogg.com;Accounts@blogg.com.
Overall ProgressDisplays the overall progress of the import.
Current Task ProgressDisplays the current task progress.
Import LogText box used to display the AD import logs.



Import User Options

The table below provides information on the elements within this panel.


UI ElementDescription
User Last Login < X DaysOnly import Users that have logged in in the last X days. Use '0' to import all Users.
Exclude Disabled User AccountsThis option prevents accounts which are disabled from being imported. It is recommended to have this enabled.
Users to ExamineDefine the specific OU or Group to be examined for the Users. The OU must be specified using the distinguished name.For example:
  • Type: OU
  • Distinguished Name: OU=Users,OU=Lab,DC=ms,DC=Local
  • Options: Nested Members|Direct Members|Exclude Members
Exclude User AccountsDefine explicitly Users to be excluded. For example a list of User account not to import. Use * as a wildcard to filter multiple account. *SRV*, *Service accounts*.



User Update Options

The table below provides information on the elements within this panel.


UI ElementDescription
Don't Update Locked UsersThis option will not update a User record that is locked in ManagementStudio. NB this is not related to a User locked in AD.
Archive UsersAutomatically archive and un-archive a User in ManagementStudio based on its status in AD.
Import User OU Path as BlueprintThis option converts a Users OU to Blueprints. For example 'AD Info\Computer\UK'.

If User Blueprint is BlankIf Department is blank then Skip, or use 'AD Info\Name' or use 'AD Info\<blank>\Name'.
Start User Blueprint Folder PathPrefix the Blueprint in the Mappings table with this root path. For example 'AD Info\'.
User Field MappingsIn this section, an admin has the ability to define and map the list of AD fields to be written back to the User record in ManagementStudio. When importing data from AD, ManagementStudio uses a simple convention:
  1. Target - The target field is a field in ManagementStudio, this can be a Detail Field, Custom field or a Blueprint.
  2. MS Field - This is the path to the ManagementStudio field or name of the field used.
  3. AD Field - This is the attribute of an AD User object, Any AD User's attributes can be used as the AD field and ManagementStudio has some built in special mechanism for transforming the AD data. Please refer to this article for a list of all User AD attributes.



Import Machine Options

The table below provides information on the elements within this panel.


UI ElementDescription
Machine Last Login <X DaysOnly import Machines that have logged in in the last X days. Use '0' to import all Machines.
Exclude Disabled Machine AccountsEnable this option of exclude all Disabled Machines in AD from the Machines that are imported.
Machines to ExamineDefine the specific OU or Group to be examined for the Machines. The OU must be specified using the distinguished name. For example:
  • Type: OU|Group
  • Distinguished Name: OU=Computers,OU=Lab,DC=ms,DC=Local
  • Options: Nested Members|Direct Members|Exclude Members

Exclude Machine AccountsDefine explicitly Machines to be excluded. For example a list of Machines account not to import. Use * as a wildcard to filter multiple account. *SRV*, *Printers*.



Machine Update Options

The table below provides information on the elements within this panel.


UI ElementDescription
Don't Update Locked MachinesThis option will not update a Machine record that is locked in ManagementStudio. NB this is not related to a machine locked in AD.
Archive MachinesAutomatically archive and un-archive a machine in ManagementStudio based on it status in AD.
Import Machine OU Path as BlueprintThis option converts a Machines OU to Blueprints. For example 'AD Info\Computer\UK'.
If Machine Blueprint is BlankIf Department is blank then Skip, or use 'AD Info\Name' or use 'AD Info\<blank>\Name'.
Start Machine Blueprint Folder PathPrefix the Blueprint in the Mappings table with this root path. For example 'AD Info\'.
Machine Field MappingsIn this section, an admin has the ability to define and map the list of AD fields to be written back to the Machine record in ManagementStudio.

In this section, an admin has the ability to define and map the list of AD fields to be written back to the MAchine record in ManagementStudio. When importing data from AD, ManagementStudio uses a simple convention:
  1. Target - The target field is a field in ManagementStudio, this can be a Detail Field, Custom field or a Blueprint.
  2. MS Field - This is the path to the ManagementStudio field or name of the field used.
  3. AD Field - This is the attribute of an AD Machine object, Any AD Compute's attributes can be used as the AD field and ManagementStudio has some built in special mechanism for transforming the AD data. Please refer to this article for a list of all Computer AD attributes. 



Application Update Options

The table below provides information on the elements within this panel.


UI ElementDescription
Link Users to Apps via AD GroupsLink: Creates a User-App links if the User is in ManagementStudio.
Remove: Takes the App off the User if they removed from the AD Group.
User Name FormatAn option to display the format of the list of Users that are imported from the AD Group.
Link Devices to Apps via AD GroupsLink: Creates a Device-App links if the Device is in ManagementStudio.
Remove: Removes the App of the Device if it is removed from the AD Group.
Device Name FormatThe format of the list of Devices that are imported from the AD group.
Recurse Nested App GroupsSearch down the AD Tree of Sub-Groups for Users/Devices. This can be very slow and AD intensive. It is recommended to only use if necessary.
Import Application OU Path as BlueprintThis option converts a App to Blueprint. For example 'AD Info\User\UK\Front Office'
If App Blueprint is BlankIf Department is blank, then: Skip, or use 'AD Info\Name' or use 'AD Info\,black.\Name'.
Starting App Blueprint Folder PathPrefix the Blueprint in the Mappings table with this root path. For example 'AD Info\'.



Troubleshooting

The table below provides information on the elements within this panel.


UI ElementDescription
NotesText field used to enter more information about the project environment.
Installed VersionDisplays the current version installed.
Installed DateDisplays the date the current version was installed.
Verbose LoggingThis options generates large files and should only be enabled for troubleshooting.
Online HelpLink to the Online solutions article. 



Adding a new AD Connector

Overview

This walkthrough shows an admin how to add an Active Directory(AD) connector.


Connecting to AD

In order to create a connector to AD, you generally need to have some knowledge about the type of data source as well as the necessary permissions to connect.


Creating a new AD Connector

  • Switch to Administration (1) from the left vertical menu.
  • Click on Extensions (2) from the automation panel.
  • Click Connectors (3).



  • Click Add New Connector (1).
  • Select + AD - [Domain](2).




  • Enter the name of the AD Domain (1).
  • Click OK (2) to create the AD connector.



  • The new AD connector should now be visible within the left tabbed menu.
  • Ensure the toggle next to AD Discovery Status is turned ON.
  • Populate the following UI elements:
  • Domain (1)
  • Distinguished Name (1)
  • Click Save Changes (2).
  • Click Run AD Discovery Now (3).
  • Click Continue when asked to confirm to run the AD Discovery.


  • When it finishes establishing the connection to AD, there will be a prompt displayed notifying that it has finished.
  • The Import Log (4) text field will display the logs of the import.
  • The Last Discovery Date (5) will display its last successful run.
  • This completes configuring and establishing a connection to an AD connector.
  • An Administrator can now switch back and configure the import based on their requirements in relation to Users, Devices and Applications using the various panels available.

Further Support

If you require further support, please visit ManagementStudio's Service Desk at https://support.migrationstudio.com/ to search the knowledge base or create a new support ticket.