Importing Active Directory User Details

You can import the user details from Microsoft On-Premise, Google, Azure, and Samba Active Directories into the SummitAI database. You can bulk import user details, such as NT Login ID, User Name, Employee ID, E-mail ID, Employee Photograph, Customer, Country, and so on at a time.

 Microsoft On-Premise

To import users from Microsoft Active Directory:

  1. Select Admin > Basic > Users > Import > AD Import. The AD IMPORT page is displayed.
  2. On the ACTIONS panel, click Filters and select the Domain from the drop-down list.
  3. Click ADD NEW on the ACTIONS panel.
  4. Select the drop-down value as Microsoft On-Premise in the User Directory drop-down field. Type in the Active Directory details from where you want to import user details. For more information about the fields on the AD IMPORT page, see Field Description.
  5. Click SUBMIT. The Active Directory details are saved.


    Figure: AD IMPORT page

    Field Description

    The following table describes the fields on the AD IMPORT page: 

    Field

    Description

    LDAP (Lightweight Directory Access Protocol) Configuration:

    LDAP Path

    Specify the path name of the Active Directory database.

    Notes:
      • If you configure IP address in the IP Address field, specify the string to represent the Distinguished Name (DN). Example: CN=Users,DC=summitdc,DC=lab
      • If you do not configure the IP address in the IP Address field, specify the fully qualified name of the DN. Example: summusdv.lab

    Import from AD

    Select the required options you want to import from the Active Directory.
    Users: Select Users to import all the users available in the AD.
    Groups: Select Groups to import all the groups available in the AD.
    Deleted Objects: Select Deleted Objects to import all the deleted objects, such as users or groups from the AD.

    Domain

    Specify the Domain name of which you want to import the user details to the Application. The Domain name is the abbreviation of the company name.

    User Name (DOMAIN\User Name)

    Specify the domain user name. For example, Domain\username

    Password

    Type in the password.

    Confirm Password

    Re-enter the password for confirmation.

    Time Zone

    Select a Time Zone from the drop-down list. The selected Time Zone is the default Time Zone for all the users. You can configure the Time Zone in COMMON MASTERS page by using the Master Type, Link Thresholds. For more information about how to configure the Time Zone, see Configuring Common Masters . If a Time Zone is mapped to a specific location, the mapped Time Zone is displayed in the Time Zone drop-down list.

    Note: You must do the AD import after selecting the Time Zone.

    IP Address

    Specify the IP address of the machine if Proxy Server is configured in the demilitarized zone (DMZ).

    Run at Source

    Lists the configured monitoring source type.

    • SUMMIT Server: It refers to the Server where SummitAI  It Management Suite is installed using the SummitAI  It Management Suite Installer. It is also referred to SummitAI Centralized Server. Select this option to perform the monitoring operation from this centralized server.
    • SUMMIT Proxy: This is an alternative Server. Select this option to perform the monitoring operation using this server.

    Select one of the monitoring source. Based on the selected option, the job types are displayed in the list box.

    Run at Proxy

    This field is displayed if Run at Source is selected as SummitAI Proxy. Select the configured Proxy Server from the list by which the AD Import job should run.

    Enable SSL Connection

    • If selected, the application runs with the web protocol “HTTPS”, which establishes a secured connection while exchanging data with the server.
    • If not selected, the application runs with the web protocol “HTTP”, which is not a secured connection and is susceptible to data theft or spying.

    Active

    Indicates the status set for the Active Directory configuration details.

    • If selected, the Active Directory configuration details are used for importing user data to SummitAI database.
    • If not selected, the Active Directory configuration details are inactive. The configured details are ignored while importing user data to SummitAI database.

    OTHER ACTIONS

    Specify OU(s) to exclude

    Specify the organizational units that you wish to exclude from importing to the SummitAI application.

    Specify Group(s) to include

    Specify the Groups that you want to include. You can add more than one Group.

    Attributes Not to be Null

    Specify the attributes for which the value should not be Null while importing data from the Active Directory database. For example: Object Class.

    Disable Users

    Indicates the status set for the user.

    • If selected, the disabled user details are not imported from the Active Directory to SummitAI database.
    • If not selected, the disabled user details are also imported from the Active Directory to SummitAI database.

    Clear NT ID

    If selected, the NT ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    Clear Email ID

    If selected, the Email ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    Ignore Display Names With Text

    Specify the keywords to ignore the user names with the specified keywords while importing data from Active Directory to Summit. If the specified keywords are present in the User’s Display Name text, the user data is ignored while importing data from Active Directory to SummitAI .

    Ignore the SAM Account Names with text

    Specify the keywords to ignore the SAM Account Names with the specified keywords while importing data from the Active Directory to SummitAI . If the specified keywords are present in the SAM Account Name (NT Login ID), the user data is ignored while importing data from Active Directory to SummitAI .

    Differential Scan

    In differential scan process, the machine is scanned for any changes in the Active Directory progressively. All the changes that are updated in the Active Directory after the previous scan are displayed.

    Full Scan Frequency

    Specify the frequency at which the full scan is scheduled.

    AD Import Logs

    The AD Import Log captures all the logs and displays it in the IMPORT HISTORY pop-up, whenever any issue occurs during the AD user import.

    Following are the three types of issues captured:

    • Error
    • Debug
    • Info

    Error: This option is enabled by default. The errors occurring during the AD user’s import are captured and displayed in the IMPORT HISTORY pop-up.

    Debug: This option should be enabled manually, and it captures the debug logs and displays it in the IMPORT HISTORY pop-up.

    Info: This option should be enabled manually, and it provides the ability to view the user’s import information in the IMPORT HISTORY pop-up.

    Configure Notification

    It helps to send an e-mail notification with consolidated error list along with the users whose import failed during the AD user import. Based on the requirement, you can configure the recipients to whom the e-mail notification should trigger.

    You can configure the e-mail notification by providing the recipient details and required info in the EMAIL NOTIFICATION pop-up. The Notification will be triggered in case of any user import failure or error.


    Figure: EMAIL NOTIFICATION pop-up

    Following fields are displayed in the EMAIL NOTIFICATION pop-up:

    • Subject: You can provide the mail subject.
    • Body: You can provide the mail body.
    • Recipients: You can specify the recipient’s name and search to add them.
    • Selected Recipients: It displays the selected recipients.

          Note: E-mail notification is sent only to the selected recipients.

    CONFIGURATION FOR LOG INCIDENT
    Log an Incident in case of Failure

    Based on the error logs, the incident can be logged by consolidating all the errors along with the list of users whose import failed.

    If this check box is enabled then the following fields are available for edit. These field are greyed out if the check box is disabled.

    • Mailbox: It helps to send an e-mail when there is a user import failure. A Notification parser must be configured to send e-mail notification for user import failure. The incident will be logged only if the Notification Parser is configured with the same e-mail ID.

    The following fields are similar to the SMTP configuration. Email is sent using this configuration parameters.

    • From Name: Specify the from name.
    • From E-mail ID: Specify e-mail ID from which mail should be sent.
    • Server Name: Specify SMTP server name.
    • Port: Specify the SMTP port number.
    • User Name: Specify the SMTP user name.
    • Password: Specify the SMTP password.
    • SSL: Enable/Disable the check box for sending an e-mail.

    ATTRIBUTES DETAILS

    NT Login ID

    By default, the standard attribute for NT Login ID is displayed. You can modify the data as specified by the Administrator, if required.

    User Name

    By default, the standard attribute for the user name is displayed. You can modify the user name as specified by the Administrator, if required.

    E-mail ID

    By default, the standard attribute for the user e-mail id is displayed. You can modify the user e-mail id as specified by the Administrator, if required.

    Employee ID

    By default, the standard attribute for the employee id is displayed. You can modify the employee id as specified by the Administrator, if required.

    Customer

    By default, the standard attribute for the customer is displayed. You can modify the customer as specified by the Administrator, if required.

    Location

    By default, the standard attribute for the location is displayed. You can modify the location as specified by the Administrator, if required. For multiple locations, concatenate the locations in this format: Location 1+;+Location 2.

    Country

    By default, the standard attribute for the country is displayed. You can modify the country as specified by the Administrator, if required.

    Designation

    By default, the standard attribute for the designation is displayed. You can modify the designation as specified by the Administrator, if required.

    Contact Number

    By default, the standard attribute for the contact number is displayed. You can modify the contact number as specified by the Administrator, if required.

    Mobile Number

    By default, the standard attribute for the mobile number is displayed. You can modify the mobile number as specified by the Administrator, if required.

    Manager

    By default, the standard attribute for the manager is displayed. You can modify the manager name as specified by the Administrator, if required.

    Address

    By default, the standard attribute for the address is displayed. You can modify the address as specified by the Administrator, if required.

    NOTIFICATION

    Notify Inactive User Details

    Select the check box to send notification e-mails to notify the Administrators regarding the users who are deactivated/ deleted from the AD.

    Notification E-mail IDs

    Specify the e-mail ids of the Analysts to send the notification e-mails.

    Select Templates

    • Select the template that you wish to configure for all the users in the active directory.
    • Select the check box corresponding to the template that you wish to configure for the users.

    Note:

    The analyst persona inactive analyst email notification feature is enhanced to address all the pending and progressive dependents associated with the inactive analyst. For more information, see OFFBOARDING USER POLICY LIST.

    Note:

    To import an Employee Photograph, ensure that the job, USERIMAGEIMPORTAD is running on the CUSTOM SCHEDULER page. For more information on how to run a job on CUSTOM SCHEDULER page, see Configuring Custom Scheduler.

    Note:

    The Custom Fields configured on the FORM BUILDER page is displayed under the ATTRIBUTE DETAILS section. For more information on how to configure Custom Fields, see Configuring Custom Fields for Users.

 Google

To import users from Google Active Directory:

  1. Select Admin > Basic > Users > Import > AD Import. The AD IMPORT page is displayed.
  2. On the ACTIONS panel, click Filters and select the Domain from the drop-down list.
  3. Click ADD NEW on the ACTIONS panel.
  4. Select the drop-down value as Google in the User Directory drop-down field. Type in the Active Directory details from where you want to import user details. For more information about the fields on the AD IMPORT page, see Field Description.
  5. Click SUBMIT. The Active Directory details are saved.


    Figure: AD IMPORT page

    Field Description

    The following table describes the fields on the AD IMPORT page: 

    Field

    Description

    CONFIGURATION:

    AD Domain

    Specify the Domain name from which you want to import the user details to the Application. The Domain name is the abbreviation of the company name.

    Import from AD

    Select the required options you want to import from the Active Directory.
    Users: Select Users to import all the users available in the AD.
    Deleted Objects: Select Deleted Objects to import all the deleted objects, such as users or groups from the AD.

    Service Account ID

    Specify the Service Account ID. You can create a Service Account in the  Service Accounts section on the IAM & Admin page in your G-Suite.

    Delegated E-mail ID

    Specify the delegated E-mail ID. You can create a delegated E-mail ID from the Security section on the Admin Console in your G-Suite.

    Upload Certificate

    Upload the Certificate you have downloaded from G-Suite. Allowed Extension is .p12 only.

    Certificate Password

    Specify the Certificate Password. You can generate a Private Key while creating Service Account in your G-Suite.

    Run at Source

    Lists the configured monitoring source type.

    • SUMMIT Server: It refers to the Server where SummitAI IT Management Suite is installed using the SummitAI IT Management Suite Installer. It is also referred to SUMMIT Centralized Server. Select this option to perform the monitoring operation from this centralized server.
    • SUMMIT Proxy: This is an alternative Server. Select this option to perform the monitoring operation using this server.

    Select one of the monitoring source. Based on the selected option, the job types are displayed in the list box.

    Time Zone

    Select a Time Zone from the drop-down list. The selected Time Zone is the default Time Zone for all the users. You can configure the Time Zone in COMMON MASTERS page by using the Master Type, Link Thresholds. For more information about how to configure the Time Zone, see Configuring Common Masters . If a Time Zone is mapped to a specific location, the mapped Time Zone is displayed in the Time Zone drop-down list.

    Note: You must do the AD import after selecting the Time Zone.

    Active

    Indicates the status set for the Active Directory configuration details.

    • If selected, the Active Directory configuration details are used for importing user data to SummitAI database.
    • If not selected, the Active Directory configuration details are inactive. The configured details are ignored while importing user data to SUMMIT database.

    OTHER ACTIONS

    Disable Users

    Indicates the status set for the user.

    • If selected, the disabled user details are not imported from the Active Directory to SummitAI database.
    • If not selected, the disabled user details are also imported from the Active Directory to SummitAI database.

    Clear NT ID

    If selected, the NT ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    Clear Email ID

    If selected, the Email ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    AD Import Logs

    The AD Import Log captures all the logs and displays it in the IMPORT HISTORY pop-up, whenever any issue occurs during the AD user import.

    Following are the three types of issues captured:

    • Error
    • Debug
    • Info

    Error: This option is enabled by default. The errors occurring during the AD user’s import are captured and displayed in the IMPORT HISTORY pop-up.

    Debug: This option should be enabled manually, and it captures the debug logs and displays it in the IMPORT HISTORY pop-up.

    Info: This option should be enabled manually, and it provides the ability to view the user’s import information in the IMPORT HISTORY pop-up.

    Configure Notification

    It helps to send an e-mail notification with consolidated error list along with the users whose import failed during the AD user import. Based on the requirement, you can configure the recipients to whom the e-mail notification should trigger.

    You can configure the e-mail notification by providing the recipient details and required info in the EMAIL NOTIFICATION pop-up. The Notification will be triggered in case of any user import failure or error.


    Figure: EMAIL NOTIFICATION pop-up

    Following fields are displayed in the EMAIL NOTIFICATION pop-up:

    • Subject: You can provide the mail subject.
    • Body: You can provide the mail body.
    • Recipients: You can specify the recipient’s name and search to add them.
    • Selected Recipients: It displays the selected recipients.

          Note: E-mail notification is sent only to the selected recipients.

    CONFIGURATION FOR LOG INCIDENT
    Log an Incident in case of Failure

    Based on the error logs, the incident can be logged by consolidating all the errors along with the list of users whose import failed.

    If this check box is enabled then the following fields are available for edit. These field are greyed out if the check box is disabled.

    • Mailbox: It helps to send an e-mail when there is a user import failure. A Notification Parser must be configured to send e-mail notification for user import failure. The incident will be logged only if the Notification Parser is configured with the same e-mail ID.

    The following fields are similar to the SMTP configuration. Email is sent using this configuration parameters.

    • From Name: Specify the from name.
    • From E-mail ID: Specify e-mail ID from which mail should be sent.
    • Server Name: Specify SMTP server name.
    • Port: Specify the SMTP port number.
    • User Name: Specify the SMTP user name.
    • Password: Specify the SMTP password.
    • SSL Required: Enable or disable the check box for sending an e-mail.

    NOTIFICATION

    Notify Inactive User Details

    Select the check box to send e-mail  notifications to notify the Administrators regarding the users who have been deactivated/ deleted from the AD.

    Notification E-mail IDs

    Specify the e-mail ids of the Analysts to send the notification e-mails.

    Select Templates

    • Select the template that you wish to configure for all the users in the active directory.
    • Select the check box corresponding to the template that you wish to configure for the users.

    Note:

    The analyst persona inactive analyst email notification feature is enhanced to address all the pending and progressive dependents associated with the inactive analyst. For more information, see OFFBOARDING USER POLICY LIST.

    Note:

    To import an Employee Photograph, ensure that the job, USERIMAGEIMPORTAD is running in the CUSTOM SCHEDULER page. For more information on how to run a job on CUSTOM SCHEDULER page, see Configuring Custom Scheduler.

    Note:

    The Custom Fields configured on the FORM BUILDER page is displayed under the OTHER ACTIONS section. For more information on how to configure the Custom Fields, see Configuring Custom Fields for Users.

 Azure

Prerequisites

Before importing the user details form the Azure Active Directory (AzureAD), the application must be registered in the AzureAD. To know about how to register the SummitAI application with AzureAD, refer to AzureAD Application Registration Document

To import users from Azure Active Directory:

  1. Select Admin > Basic > Users > Import > AD Import. The AD IMPORT page is displayed.
  2. On the ACTIONS panel, click Filters and select the Domain from the drop-down list.
  3. Click ADD NEW on the ACTIONS panel.
  4. Select the drop-down value as Azure in the User Directory drop-down field. Type in the Active Directory details from where you want to import user details. For more information about the fields on the AD IMPORT page, see Field Description.
  5. Click SUBMIT. The Active Directory details are saved.


    Figure: AD IMPORT page

    Field Description

    The following table describes the fields on the AD IMPORT page: 

    Field

    Description

    Domain

    Specify the Domain name of which you want to import the user details to the Application. The Domain name is the abbreviation of the company name.

    User Directory

    Select Azure to import the users from Azure's active directory.

    CONFIGURATION

    Tenant

    Select the Tenant ID of the Azure Active Directory in which you created the application.

    Import from ADSelect the Azure active directory from which you want to to import the users.
    Client IDSpecify the client ID.
    Secure StringSpecify the secure string.

    Run at Source

    Lists the configured monitoring source type.

    • SUMMIT Server: It refers to the Server where SummitAI  It Management Suite is installed using the SummitAI  It Management Suite Installer. It is also referred to SummitAI Centralized Server. Select this option to perform the monitoring operation from this centralized server.
    • SUMMIT Proxy: This is an alternative Server. Select this option to perform the monitoring operation using this server.

    Select one of the monitoring source. Based on the selected option, the job types are displayed in the list box.

    Time Zone

    Select a Time Zone from the drop-down list. The selected Time Zone is the default Time Zone for all the users. You can configure the Time Zone in COMMON MASTERS page by using the Master Type, Link Thresholds. For more information about how to configure the Time Zone, see Configuring Common Masters . If a Time Zone is mapped to a specific location, the mapped Time Zone is displayed in the Time Zone drop-down list.

    Note: You must do the AD import after selecting the Time Zone.

    Run at Proxy

    This field is displayed if Run at Source is selected as SummitAI Proxy. Select the configured Proxy Server from the list by which the AD Import job should run.

    Active

    Indicates the status set for the Active Directory configuration details.

    • If selected, the Active Directory configuration details are used for importing user data to SummitAI database.
    • If not selected, the Active Directory configuration details are inactive. The configured details are ignored while importing user data to SummitAI database.

    OTHER ACTIONS

    Disable Users

    Indicates the status set for the user.

    • If selected, the disabled user details are not imported from the Active Directory to SummitAI database.
    • If not selected, the disabled user details are also imported from the Active Directory to SummitAI database.

    Clear NT ID

    If selected, the NT ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    Clear Email ID

    If selected, the Email ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    AD Import Logs

    The AD Import Log captures all the logs and displays it in the IMPORT HISTORY pop-up, whenever any issue occurs during the AD user import.

    Following are the three types of issues captured:

    • Error
    • Debug
    • Info

    Error: This option is enabled by default. The errors occurring during the AD user’s import are captured and displayed in the IMPORT HISTORY pop-up.

    Debug: This option should be enabled manually, and it captures the debug logs and displays it in the IMPORT HISTORY pop-up.

    Info: This option should be enabled manually, and it provides the ability to view the user’s import information in the IMPORT HISTORY pop-up.

    Configure Notification

    It helps to send an e-mail notification with consolidated error list along with the users whose import failed during the AD user import. Based on the requirement, you can configure the recipients to whom the e-mail notification should trigger.

    You can configure the e-mail notification by providing the recipient details and required info in the EMAIL NOTIFICATION pop-up. The Notification will be triggered in case of any user import failure or error.


    Figure: EMAIL NOTIFICATION pop-up

    Following fields are displayed in the EMAIL NOTIFICATION pop-up:

    • Subject: You can provide the mail subject.
    • Body: You can provide the mail body.
    • Recipients: You can specify the recipient’s name and search to add them.
    • Selected Recipients: It displays the selected recipients.

          Note: E-mail notification is sent only to the selected recipients.

    CONFIGURATION FOR LOG INCIDENT
    Log an Incident in case of Failure

    Based on the error logs, the incident can be logged by consolidating all the errors along with the list of users whose import failed.

    If this check box is enabled then the following fields are available for edit. These field are greyed out if the check box is disabled.

    • Mailbox: It helps to send an e-mail when there is a user import failure. A Notification Parser must be configured to send e-mail notification for user import failure. The incident will be logged only if the Notification Parser is configured with the same e-mail ID.

    The following fields are similar to the SMTP configuration. Email is sent using this configuration parameters.

    • From Name: Specify the from name.
    • From E-mail ID: Specify e-mail ID from which mail should be sent.
    • Server Name: Specify SMTP server name.
    • Port: Specify the SMTP port number.
    • User Name: Specify the SMTP user name.
    • Password: Specify the SMTP password.
    • SSL Required: Enable or disable the check box for sending an e-mail.

    ATTRIBUTES DETAILS

    NT Login ID

    By default, the standard attribute for NT Login ID is displayed. You can modify the data as specified by the Administrator, if required.

    User Name

    By default, the standard attribute for the user name is displayed. You can modify the user name as specified by the Administrator, if required.

    E-mail ID

    By default, the standard attribute for the user e-mail id is displayed. You can modify the user e-mail id as specified by the Administrator, if required.

    Employee ID

    By default, the standard attribute for the employee id is displayed. You can modify the employee id as specified by the Administrator, if required.

    Customer

    By default, the standard attribute for the customer is displayed. You can modify the customer as specified by the Administrator, if required.

    Location

    By default, the standard attribute for the location is displayed. You can modify the location as specified by the Administrator, if required. For multiple locations, concatenate the locations in this format: Location 1+;+Location 2.

    Country

    By default, the standard attribute for the country is displayed. You can modify the country as specified by the Administrator, if required.

    Designation

    By default, the standard attribute for the designation is displayed. You can modify the designation as specified by the Administrator, if required.

    Contact Number

    By default, the standard attribute for the contact number is displayed. You can modify the contact number as specified by the Administrator, if required.

    Mobile Number

    By default, the standard attribute for the mobile number is displayed. You can modify the mobile number as specified by the Administrator, if required.

    Manager

    By default, the standard attribute for the manager is displayed. You can modify the manager name as specified by the Administrator, if required.

    Address

    By default, the standard attribute for the address is displayed. You can modify the address as specified by the Administrator, if required.

    NOTIFICATION
    Notify Inactive User DetailsSelect the check box to send notification e-mails to notify the Administrators regarding the users who are deactivated/ deleted from the AD.
    Notification E-mail IDsSpecify the e-mail ids of the Analysts to send the notification e-mails.
    Select Templates
    • Select the template that you wish to configure for all the users in the active directory.
    • Select the check box corresponding to the template that you wish to configure for the users.

    Note:

    The analyst persona inactive analyst email notification feature is enhanced to address all the pending and progressive dependents associated with the inactive analyst. For more information, see OFFBOARDING USER POLICY LIST.

    Note:

    To import an Employee Photograph, ensure that the job, USERIMAGEIMPORTAD is running on the CUSTOM SCHEDULER page. For more information on how to run a job on CUSTOM SCHEDULER page, see Configuring Custom Scheduler.

    Note:

    The Custom Fields configured on the FORM BUILDER page is displayed under the ATTRIBUTE DETAILS section. For more information on how to configure the Custom Fields, see Configuring Custom Fields for Users.

     User Image Import

    If a User is updating their Profile Image in Azure Active Directory, with AD import the Profile Image is fetched and stored on the local and the same is updated on the SummitAI Application.  
     

    Prerequisites: 

    • Ensure that AD Import Job, AD Import Users is running on the CUSTOM SCHEDULER page.  
       
    • In servermoniter.exe ensure to add the following  key 
       
      add key="ADImport:Azurethumbnailphoto" value="True" />  
       
    • User must have updated his profile image in Azure Active Directory. 
       

    To View this perform following steps: 
     
    1. Login to the Summit Application as Admin. 

    2. Navigate to Admin > Import > User Import

    3. Configure Azure Active Directory. Ensure the AD Import job AD Import Users is running.

    4. Navigate to Admin > Users > User List. Verify if the Users are imported.

    5. Login to the Summit Application as User who updated the profile image in Azure Active Directory and verify if the profile photo is visible in the top right corner.


    Figure: Azure Active Directory User Image Import to Summit Application 

     Import Users with name Starting with specific letter

    A Configuration key is added based on which the specific Users are imported from Azure Active Directory to SummitAI application. 
     
    Example: If the value of the Configuration Key is “N” then only Users whose name starts with N are imported to the SummitAI application. 

     
    Prerequisite 

    Add the following Configuration Key in servermonitor.exe 
     
    Note: By default, the value of the following Configuration Key is EMPTY. 

    • In the following as an example letter N is added as an example.  
      add key="AzureUserCustomQuery" value="&$filter=startswith(displayName,'N')" /> 

      To ensure, perform the following steps:

    1.Login to the Summit Application as Admin. 

    2. Navigate to Admin > Import > User Import

    3. Configure Azure Active Directory. Ensure the AD Import job AD Import Users is running.

    4. Add the Configuration Key in servermonitor.exe file of the Summit Application.

    5. Navigate to Admin > Users > Users List.

    6. Verify if the User
    s imported are according to the Configuration Key Value
    .


 Samba Active Directory

You can import user details from the Samba Active Directory into the SummitAI database. Also, bulk import of user details, such as NT Login ID, User Name, Employee ID, E-mail ID, Employee Photograph, Customer, Country, and so on can be completed at a time. This is useful if you are using Linux operating system.

To import users from Samba Active Directory:

  1. Select Admin > Basic > Users > Import > AD Import. The AD IMPORT page is displayed.
  2. On the ACTIONS panel, click Filters and select the Domain from the drop-down list.
  3. Click ADD NEW on the ACTIONS panel.
  4. Select the drop-down value as Samba Active Directory in the User Directory drop-down field. Type in the Active Directory details from where you want to import user details. For more information about the fields on the AD IMPORT page, see Field Description.
  5. Click SUBMIT. The Active Directory details are saved.


    Figure: AD IMPORT page - Samba Active Directories

    Field Description

    The following table describes the fields on the AD IMPORT page: 

    Field

    Description

    LDAP (Lightweight Directory Access Protocol) Configuration:

    LDAP Path

    Specify the path name of the Active Directory database.

    Notes:
      • If you configure IP address in the IP Address field, specify the string to represent the Distinguished Name (DN). Example: CN=Users,DC=summitdc,DC=lab
      • If you do not configure the IP address in the IP Address field, specify the fully qualified name of the DN. Example: summusdv.lab

    Import from AD

    Select the required options you want to import from the Active Directory.
    Users: Select Users to import all the users available in the AD.
    Groups: Select Groups to import all the groups available in the AD.
    Deleted Objects: Select Deleted Objects to import all the deleted objects, such as users or groups from the AD.

    Domain

    Specify the Domain name of which you want to import the user details to the Application. The Domain name is the abbreviation of the company name.

    User Name (DOMAIN\User Name)

    Specify the domain user name. For example, Domain\username

    Password

    Type in the password.

    Confirm Password

    Re-enter the password for confirmation.

    Time Zone

    Select a Time Zone from the drop-down list. The selected Time Zone is the default Time Zone for all the users. You can configure the Time Zone in COMMON MASTERS page by using the Master Type, Link Thresholds. For more information about how to configure the Time Zone, see Configuring Common Masters . If a Time Zone is mapped to a specific location, the mapped Time Zone is displayed in the Time Zone drop-down list.

    Note: You must do the AD import after selecting the Time Zone.

    IP Address

    Specify the IP address of the machine if Proxy Server is configured in the demilitarized zone (DMZ).

    Run at Source

    Lists the configured monitoring source type.

    • SUMMIT Server: It refers to the Server where SummitAI  It Management Suite is installed using the SummitAI  It Management Suite Installer. It is also referred to SummitAI Centralized Server. Select this option to perform the monitoring operation from this centralized server.
    • SUMMIT Proxy: This is an alternative Server. Select this option to perform the monitoring operation using this server.

    Select one of the monitoring source. Based on the selected option, the job types are displayed in the list box.

    Run at Proxy

    This field is displayed if Run at Source is selected as SummitAI Proxy. Select the configured Proxy Server from the list by which the AD Import job should run.

    Enable SSL Connection

    • If selected, the application runs with the web protocol “HTTPS”, which establishes a secured connection while exchanging data with the server.
    • If not selected, the application runs with the web protocol “HTTP”, which is not a secured connection and is susceptible to data theft or spying.

    Active

    Indicates the status set for the Active Directory configuration details.

    • If selected, the Active Directory configuration details are used for importing user data to SummitAI database.
    • If not selected, the Active Directory configuration details are inactive. The configured details are ignored while importing user data to SummitAI database.

    OTHER ACTIONS

    Specify OU(s) to exclude

    Specify the organizational units that you wish to exclude from importing to the SummitAI application.

    Specify Group(s) to include

    Specify the Groups that you want to include. You can add more than one Group.

    Attributes Not to be Null

    Specify the attributes for which the value should not be Null while importing data from the Active Directory database. For example: Object Class.

    Disable Users

    Indicates the status set for the user.

    • If selected, the disabled user details are not imported from the Active Directory to SummitAI database.
    • If not selected, the disabled user details are also imported from the Active Directory to SummitAI database.

    Clear NT ID

    If selected, the NT ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    Clear Email ID

    If selected, the Email ID of deleted users are cleared from AD. This option should be selected only for deleted users and not disabled users.

    Ignore Display Names With Text

    Specify the keywords to ignore the user names with the specified keywords while importing data from Active Directory to Summit. If the specified keywords are present in the User’s Display Name text, the user data is ignored while importing data from Active Directory to SummitAI .

    Ignore the SAM Account Names with text

    Specify the keywords to ignore the SAM Account Names with the specified keywords while importing data from the Active Directory to SummitAI. If the specified keywords are present in the SAM Account Name (NT Login ID), the user data is ignored while importing data from Active Directory to SummitAI .

    AD Import Logs

    The AD Import Log captures all the logs and displays it in the IMPORT HISTORY pop-up, whenever any issue occurs during the AD user import.

    Following are the three types of issues captured:

    • Error
    • Debug
    • Info

    Error: This option is enabled by default. The errors occurring during the AD user’s import are captured and displayed in the IMPORT HISTORY pop-up.

    Debug: This option should be enabled manually, and it captures the debug logs and displays it in the IMPORT HISTORY pop-up.

    Info: This option should be enabled manually, and it provides the ability to view the user’s import information in the IMPORT HISTORY pop-up.

    Configure Notification

    It helps to send an e-mail notification with consolidated error list along with the users whose import failed during the AD user import. Based on the requirement, you can configure the recipients to whom the e-mail notification should trigger.

    You can configure the e-mail notification by providing the recipient details and required info in the EMAIL NOTIFICATION pop-up. The Notification will be triggered in case of any user import failure or error.


    Figure: EMAIL NOTIFICATION pop-up

    Following fields are displayed in the EMAIL NOTIFICATION pop-up:

    • Subject: You can provide the mail subject.
    • Body: You can provide the mail body.
    • Recipients: You can specify the recipient’s name and search to add them.
    • Selected Recipients: It displays the selected recipients.

          Note: E-mail notification is sent only to the selected recipients.

    CONFIGURATION FOR LOG INCIDENT
    Log an Incident in case of Failure

    Based on the error logs, the incident can be logged by consolidating all the errors along with the list of users whose import failed.

    If this check box is enabled then the following fields are available for edit. These field are greyed out if the check box is disabled.

    • Mailbox: It helps to send an e-mail when there is a user import failure. A Notification Parser must be configured to send e-mail notification for user import failure. The incident will be logged only if the Notification Parser is configured with the same e-mail ID.

    The following fields are similar to the SMTP configuration. Email is sent using this configuration parameters.

    • From Name: Specify the from name.
    • From E-mail ID: Specify e-mail ID from which mail should be sent.
    • Server Name: Specify SMTP server name.
    • Port: Specify the SMTP port number.
    • User Name: Specify the SMTP user name.
    • Password: Specify the SMTP password.
    • SSL Required: Enable or disable the check box for sending an e-mail.

    ATTRIBUTES DETAILS

    NT Login ID

    By default, the standard attribute for NT Login ID is displayed. You can modify the data as specified by the Administrator, if required.

    User Name

    By default, the standard attribute for the user name is displayed. You can modify the user name as specified by the Administrator, if required.

    E-mail ID

    By default, the standard attribute for the user e-mail id is displayed. You can modify the user e-mail id as specified by the Administrator, if required.

    Employee ID

    By default, the standard attribute for the employee id is displayed. You can modify the employee id as specified by the Administrator, if required.

    Customer

    By default, the standard attribute for the customer is displayed. You can modify the customer as specified by the Administrator, if required.

    Location

    By default, the standard attribute for the location is displayed. You can modify the location as specified by the Administrator, if required. For multiple locations, concatenate the locations in this format: Location 1+;+Location 2.

    Country

    By default, the standard attribute for the country is displayed. You can modify the country as specified by the Administrator, if required.

    Designation

    By default, the standard attribute for the designation is displayed. You can modify the designation as specified by the Administrator, if required.

    Contact Number

    By default, the standard attribute for the contact number is displayed. You can modify the contact number as specified by the Administrator, if required.

    Mobile Number

    By default, the standard attribute for the mobile number is displayed. You can modify the mobile number as specified by the Administrator, if required.

    Manager

    By default, the standard attribute for the manager is displayed. You can modify the manager name as specified by the Administrator, if required.

    Address

    By default, the standard attribute for the address is displayed. You can modify the address as specified by the Administrator, if required.

    NOTIFICATION

    Notify Inactive User Details

    Select the check box to send notification e-mails to notify the Administrators regarding the users who are deactivated/ deleted from the AD.

    Notification E-mail IDs

    Specify the e-mail ids of the Analysts to send the notification e-mails.

    Select Templates

    • Select the template that you wish to configure for all the users in the active directory.
    • Select the check box corresponding to the template that you wish to configure for the users.

    The analyst persona inactive analyst email notification feature is enhanced to address all the pending and progressive dependents associated with the inactive analyst. For more information, see OFFBOARDING USER POLICY LIST.

    Note:

    To import an Employee Photograph, ensure that the job, USERIMAGEIMPORTAD is running on the CUSTOM SCHEDULER page. For more information on how to run a job on CUSTOM SCHEDULER page, see Configuring Custom Scheduler.

    Note:

    The Custom Fields configured on the FORM BUILDER page is displayed under the ATTRIBUTE DETAILS section. For more information on how to configure Custom Fields, see Configuring Custom Fields for Users.

ACTIONS

This section explains all the icons displayed on the ACTIONS panel of the AD IMPORT page.

SHOW LIST

Click SHOW LIST to display the LIST table showing all the Active Directories configured in the SummitAI application.


Figure:  AD IMPORT: List of active directories

  • To edit an Active Directory configuration, click the configured LDAP Path. Make appropriate changes and click SUBMIT.
  • To delete an Active Directory configuration, click the Delete icon.

Note:

When the configured Active Directories are displayed under the LIST table, the ADD NEW action is displayed on the ACTIONS panel. Click  ADD NEW to add a new Active Directory configuration for importing user details.

IMPORT HISTORY

Click IMPORT HISTORY to view the IMPORT HISTORY pop-up. The IMPORT HISTORY pop-up is displayed with all the AD user import history details with the newly imported users and failed users count. 

The IMPORT HISTORY option is available only while editing the existing configuration. 

Figure: Import History pop-up

Import History helps to troubleshoot user import failure issues.

The Import History pop-up displays the following details:

Job Name

It displays the job name.

From Date

You can select the ‘From’ date in this field to search the details.

To Date

You can select the ‘To’ date in this field to the search the details.

Search

Click Search button to filter the details.

LIST Section 

Job Status

It displays the job status of the job such as, Completed, Running, Schedule etc.

When you expand the Job status, you can view the details as follows:

Figure: Import History pop-up: Job details

If the  option is expanded, you can view the following details:

  • LDAP Path: It displays the domain details.
  • New Users: It displays the count of newly imported users. On clicking the count hyperlink, you can view the JOB HISTORY > New Users pop-up with user details such as User ID, User Name, Email Id, and NT_UID. You can also use the Search field to search the user information by specifying the User Name or Email ID.

    Figure: JOB HISTORY > New Users

  • Failed Users: It displays the count of failed users. On clicking the count hyperlink, you can view the JOB HISTORY > Failed Users pop-up with user details such as User ID, User Name, Email Id, Static Attribute Columns and Custom Attribute Columns. You can also use the Search field to search the user information by specifying the User Name or Email ID.

    Figure: JOB HISTORY > Failed Users

    By clicking upon the More hyperlink in the Static Attribute Columns you can view the static attribute error details.

    By clicking upon the More hyperlink in the Custom Attribute Columns you can view the custom attribute error details.
  • View Logs: You can view all the information from start to end of the job. You can also use the Search and Error Log Level fields to search the captured data by specifying the keywords and select error log type such as All, Info, Error, and Debug.

    Figure: Import History > View Logs
Last Run DateIt displays the last run date of the job.
Last Run From

It displays the last run from of the job. If the job runs from Summit scheduler then it displays as Scheduler in the column.

MessageIt displays the message details provided for the job.
DurationIt displays the duration of the job run.
New UsersIt displays the newly imported user count.
Failed UsersIt displays the failed user count.
Note: By default, it displays last 7 days data. It can be configured based on the requirement.


MAPPING

Click MAPPING to map the Users that are mapped to the Groups on the AD IMPORT page to a specific User Type that belongs to a specific module. The AD IMPORT USERS MAPPING pop-up page is displayed.


Figure: AD IMPORT USERS MAPPING pop-up page

The following table describes the fields on the AD IMPORT USERS MAPPING pop-up page:

Field

Description

Group Name

Select the Group Name from the drop-down list. The Group Names are displayed based on the configuration of the Groups on the AD IMPORT page.

Module

Select the Module from the drop-down list.

Type

Select the Type from the drop-down list.

User Type Value

Select the User Type Value from the drop-down list.

Active

Select Active if the mapping is in Active status.

References