Importing Users from Active Directory

Once your configuration mapping is complete, you’re ready to import your users into Issuetrak. You can do an initial manual import, and then schedule imports to occur automatically. This task can only be performed by an Issuetrak user with the “Can access and maintain Administration functions” permission or the “Sys Admin” parameter.

The AD module assigns organizations differently depending on whether it is creating new users or merely updating them.

  • New users created by manual AD import, scheduled AD import, or upon login will have their organization set only by the organization they are mapped to within "Mapping Organizations".  This becomes their primary organization, and no membership is granted based on the organization membership of user templates designated in the "Determining User Permissions" section.
     
  • Users updated via manual import, scheduled import, or upon login will have their organization set thusly:
     
    • If the existing user has only a primary organization membership and it doesn't match the organization they are mapped to, then their primary organization membership is changed to their mapped organization.
       
    • If the existing user has membership in more than just their primary organization, and their current primary organization differs from the organization they are mapped to, then their primary organization will change to match the organization they're mapped to and they will retain membership in their formerly primary organization.
 

Performing a Manual Import

Steps:

  1. Click the gear icon in the upper right > click Active Directory beneath Identity Management > click Import Users under the Active Directory section in the right context menu.
  2. Select the Domain from the dropdown for which this particular import should be performed from the list. Only the domains which have been defined in the Issuetrak interface will appear.
  3. Click the radio button to select either AD Group or AD OU. Click the button related to your selection. Only AD Groups or OUs with verified Organization and Permissions mappings and valid users will appear.
  4. Select the appropriate value in the window that appears.
  5. Click the Preview Import button.
  6. Verify the import is being returned properly in the Preview import window that appears.
  7. Close the Preview Import window.
  8. Click the Process Import button to process this import. (If you only want to process this initial import and not define a schedule, this is the last step you need to complete within this task.) A Preview import window will appear with a summary of the import.

Repeat for each group/OU on each domain that needs to be imported. You can also use these parameters to create a scheduled import record.

 

Defining Scheduled Imports

Steps:

  1. Define the appropriate interval and time in the Define Schedule section of this screen. We strongly recommend scheduled imports are performed daily outside of business/peak productivity hours.
  2. Verify Active is selected, or the import will be scheduled but not run.
  3. Click Save and Schedule button to save and schedule this import.

A confirmation message will appear when this process is complete. The AD Scheduled Imports page will be updated with a list of all scheduled imports.

You may return to the AD Scheduled Imports screen at any time by clicking the gear icon in the upper right > click Active Directory beneath Identity Management > click Scheduled Imports under the Active Directory section in the right context menu. 

From this screen, scheduled imports may be edited and deleted. However, we recommend using the edit and deselecting the Active parameter rather than using delete.

 

Additional items for scheduled imports

During installations and upgrades, a Windows Scheduled Task is created on the web server to allow for Scheduled Imports of LDAP accounts, this scheduled task is set to run hourly. Should this task need to be rebuilt, a re-upgrade of the site using a "Services only" context can be performed.

If you are an Issuetrak Cloud customer, please give our Support Team a call for help scheduling imports.

The steps to perform this are:

  1. Run the Issuetrak Deployment Manager on the web server.
  2. Agree to the Terms of Service.
  3. Select Upgrade an existing Issuetrak site.
  4. Input the neccessary SQL credentials to allow the upgrade.
  5. Under Deployment Options, uncheck everything except for Services.
  6. Deploy the Site.

This will delete and recreate the background services and tasks Issuetrak uses to perform scheduled processes such as Email, Workflows, and Imports. This will not affect the data in the database or web files locations.

Additionally, the Application URL must be accurate for the imports to process correctly. To verify this, click the gear icon in the upper right > click Defaults beneath System > make sure the Application URL field accurately reflects your site URL.

Preventing Specific Accounts from being Imported

You might know of some accounts that you definitely don't want to be imported from Active Directory.

To prevent specific user accounts from being imported into Issuetrak from Active Directory, enter one of the phrases below into the user's Description field in Active Directory:

  • Built-In Account
  • Inactive for Issuetrak

If you've found that an unwanted user account has already been imported, you will need to manually inactivate or remove the user in Issuetrak.

Was this article helpful?
Thank you for your feedback!
User Icon

Thank you! Your comment has been submitted for approval.

Related Articles

 Copyright © Issuetrak, Inc. All rights reserved.