...
Intelligent Service Management Field Name | Active Directory Service Field Name | Comments |
---|---|---|
first_name | givenName | |
last_name | sn | |
job_title | title | |
e_mail | ||
user_login | sAMAccountName | |
manager | manager | Follow these rules:
Note: You cannot refer to the manager attribute in the AD in ${manager} format. So, you cannot combine it with any other AD attribute or static value while defining an attribute. |
primary_support_group | The spelling of the value that is provided in this attribute must match exactly with the corresponding value in Intelligent Service Management. For example, "administrator" is a primary support group in Intelligent Service Management. If you misspell the group as "aministrator" in the mapping, then the user is not mapped to the required group. This value is not case-sensitive. The value that you specify here is ignored if:
You can enter only one primary_support_group for a user. | |
support_groups | The spelling of the value that is provided in this attribute must match exactly with the corresponding value in Intelligent Service Management. This value is not case-sensitive. The value that you specify here is ignored if:
You can enter multiple support_groups for a user, separating them with a semicolon (;). If you have multiple support groups, you can pass them as either a static string or an active directory attribute. Consider the following rules while passing multiple values:
Also see, override_existing_support_group_values attribute. | |
override_existing_support_group_values | "False" | This attribute is supplementary to the support_groups attribute. With this attribute, you can specify whether the value passed for the support_groups attribute overwrites the existing value or is appended to it. This attribute can have one of the following two values:
Any invalid value for this attribute is treated as "False". This attribute affects only the support_groups attribute. |
license_type | "1" | You can either directly provide a value as a static string or pass the corresponding attribute from active directory. To pass the value as a static string, put it in double quotes. The valid values are: 0, 1, 2, and 4, where:
The default value is 1. Note: When the license type is 1, then the primary_support_group is automatically set to Self-Service. The value that is provided while defining the primary_support_group attribute is ignored. If you do not map this attribute or enter an invalid value, the license type is set to Self-Service (1) by default. |
language | "en_US" | You can either directly provide a value as a static string or pass the corresponding attribute from active directory. To pass the value as a static string, put it in double quotes. For a list of all valid language codes, see Set Locations and Time Zones. The default language is “en-US”. This attribute is not case-sensitive. |
org_name | Note: The mapping of org_name is governed by strict rules. For more information about this attribute, see Configure the org_name Attribute. | |
lvl1_name | company | Note: Always use the org_name attribute instead of lvl1_name, lvl2_name, and lvl3_name. If you are using the org_name attribute, there is no need to define lvl1_name, lvl2_name, and lvl3_name. These levels are only provided for backwards compatibility with earlier versions of the application. |
lvl2_name | physicalDeliveryOfficeName | |
lvl3_name | department | |
phone1 | telephoneNumber | |
phone2 | mobile |
...
Note |
---|
Always use the org_name attribute instead of lvl1_name, lvl2_name, and lvl3_name. If you are using the org_name attribute, there is no need to define lvl1_name, lvl2_name, and lvl3_name. These levels are only provided for backwards compatibility with earlier versions of the application. For more information about these levels, see attribute_map.list File. You can also define lvl1_name, lvl2_name, and lvl3_name with the org_name attribute. However, the utility gives a higher priority to the hierarchy defined in the org_name attribute. |
Anchor | ||||
---|---|---|---|---|
|
To enable an SSL environment for the ADSync Utility, perform the following steps:
- Click view site information (the lock icon) next to the Intelligent Service Management URL in your browser address bar.
- Navigate to Certificate, Details, and click Copy to File.
- Click Next and set the format that you want to use as .DER encoded binary X.509 (.CER).
- Click Next, enter the file name, and save the file.
- Click Next, verify the path, and click Finish.
- Copy the saved certificate file to the ADSync root (ad-user-sync\) location.
- Run the keytool command from the ADSync root (ad-user-sync\) location.
Import the saved certificate to the ADSync local keystore si by running the following command from the ADSync root:
keytool -importcert -trustcacerts -alias aliasname -keystore si -file saved_certificate_file_name
Note: To run the keytool command from the ADSync root, you need jre/bin in your PATH environment variable.
Replace aliasname with the alias of your choice. For example, cacloudsmcert.
Replace saved_certificate_file_name with the name of the saved certificate file. For example, cacloudsmcert.cer
Use itmaas when prompted for password. The command prompt asks you to confirm whether the certificate can be trusted. Enter y.
A message displays stating that the Certificate was added to keystore.
Anchor | ||||
---|---|---|---|---|
|
To enable an LDAP SSL certificate for the ADSync Utility, perform the following steps:
- Get the LDAP SSL certificate either .DER or .CER format
- Run the keytool command from the ADSync root (ad-user-sync\) location.
- Import the saved certificate to the ADSync local keystore si by running the following command from the ADSync root:
keytool -importcert -trustcacerts -alias aliasname -keystore si -file saved_certificate_file_name
Note: To run the keytool command from the ADSync root, you need jre/bin in your PATH environment variable.
Replace aliasname with the alias of your choice. For example, cacloudsmcert.
Replace saved_certificate_file_name with the name of the saved certificate file. For example, cacloudsmcert.cer
Use itmaas when prompted for password. The command prompt asks you to confirm whether the certificate can be trusted. Enter y.
A message displays stating that the Certificate was added to keystore.
Follow the below steps to verify the certificates in the keystore:
- Copy the si file to a directory.
- Execute the below command:
E:\>keytool -list -keystore si
Enter the keystore password, Keystore type and Keystore provider. Upon successful certificate import, 2 certificate entries should be available in the Keystore.
Note |
---|
This procedure is verified on Internet Explorer and Chrome browsers. |
...