Tools. Import User accounts from the Active Directory (LDAP)
The Management Console provides the Active Directory Import Wizard that allows you to import user accounts from the Active Directory (LDAP) catalog by Organizational Units or/and Groups criteria. It is easy to create a user database in a few minutes if your business/corporate network is based on the Windows Domain structure.
||To import users accounts from LDAP catalog "on-the-fly" when new users connect to the IM server you can use the Active Directory (LDAP) integration settings.
To open the Active Directory Import Wizard select the "Tools\Active Directory Import Wizard..." item from the main menu.
|Welcome to the Active Directory Import Wizard|
The second dialog box allows you to select how to import and create a user database on the IM server.
|Select how user accounts should be imported from the Active Directory|
There are 3 options available:
- "Create a new database" — Select this option to create a new database on the IM server and then import accounts from the Active Directory. In this case, any existing accounts and their message, transfer and activity history will be deleted.
- "Update existing user accounts only" — Select this option if you want to update only existing user accounts with information imported from the Active Directory. The wizard will not import any newly added accounts from the catalog.
- "Import newly added user accounts only" — Use this option to synchronize the IM server database with the Active Directory catalog. The wizard will import only new accounts and will not change any information associated with your existing accounts.
You should use the following page to specify the user name and password to access the Active Directory catalog.
|Enter the login ID and password to connect to the LDAP catalog|
You can use the following options:
- "Current account" — Select this option if you are logged into the Domain network and your account has the appropriate rights to connect to the Active Directory catalog and enumerate containers and users.
- "Specified account" — Otherwise you can select this option and enter the login ID and password that should be used to connect to the catalog and import user accounts from it.
The next page allows you to select the criteria you want to import user accounts by.
|Select the import criteria|
You can choose one of the following import criteria:
- "Organizational Units" — Select this option to display the Organizational Units tree available in the Active Directory catalog. Then you can select only those OUs in the tree you want to import user accounts from.
- "Groups" — Select this option to display the list of available Groups in your LDAP catalog. Then you can select only those Groups you want to import users from.
Select the "Enumerate objects only from the specified container
" option to specify the path in your current LDAP catalog that should be used as a root (start) container to enumerate child elements. This is very useful if your Active Directory catalog is large and the enumeration of elements may take a long time. Use the standard path beginning with the LDAP://
||For example, the path "LDAP://OU=sales,OU=la,DC=mycompany,DC=com" allows you to connect to the child container "Sales" in the parent (root) container "LA" in the global domain "mycompany.com".
Use the "Do not import disabled accounts
" checkbox to import only active user accounts from the LDAP catalog.
Import by Organizational Units/Groups
Depending on the options selected in the previous dialog box, the next page displays either the Organizational Units tree or the Groups list.
|Select Organizational Units from the available tree|
|Select Groups from the available list
Depending on the criteria selected on the previous page, select the items you want to import user accounts from.
Use "Create the Organizational Units tree similar to the selected LDAP containers" option to create the same items in the Organizational Units tree on the IM server. Note, that you must select at least one item from the available tree/list.
The "Create Messaging Groups similar to the LDAP Groups that all users are a member of" automatically creates Messaging Groups on the communication server similar to the Active Directory groups that each imported user is a member of. Initially each newly created Messaging Group is disabled on the IM server and its name has the following format: LDAP_GroupXX, where XX is a number. Description of the group includes original name of the LDAP group. You should enable the Messaging Group to activate it on the communication server.
Click Next to start import.
Importing User Accounts
The next page displays the status of the import process.
|User accounts are now being imported from the LDAP catalog|
Wait till the process is over. After the wizard finishes its work, you can see its log file containing advanced details about the imported user accounts. You can view the import log file at any time using the "Tools\View import log..." item from the main menu.
||After you completed the Active Directory Import Wizard, you must restart the Management Console to apply and see the changes.