HomeGuidesAPI
HomeGuidesRecipesAPI
HomeGuidesAPILog In

Active Directory Connector

Suggest Edits

This connector is aimed at the designer wishing to interact with an Active Directory framework for users and groups.

Versions

Version 1.0 (released 12 December 2016)

  • Initial build

Version 2.0 (released 4 May 2018)

  • Refactoring and addition of the Edit function

Version 3.0 (released 22 October 2018)

  • Upgrade to Custom Extension framework
  • Addition of a a few data source methods
  • Refactoring for clarity and robustness.
  • Complete re-haul to simplify and use Object Names rather than Object Types for everything.

Actions

  • Create AD User
  • Edit AD User
  • Delete AD User
  • Create AD group
  • Edit AD Group
  • Delete AD Group

Data Source Object Types and corresponding Object Lists

User

  • Get Members Of Group
  • Search All Properties
  • Get User Details
  • User Searcher

Group

  • Group Searcher
  • Get Group Details
  • Get User's List of Groups

OU

  • Get All OUs

Unique Usernames

  • Get Unique Usernames

Installation Requirements

Before installing this connector, you must consider the following requirements:

  • You must have administrator/elevated permissions to the Infiniti web server, including the ability to copy and replace files in the Infiniti installation folder. This is usually c:\inetpub\wwwroot\infiniti however may vary from system to system.
  • You must have an appropriate Active Directory account with admin rights.
  • You must have the ActiveDirectoryExtension.dll file.

Use the instructions below to install the connector. If you are upgrading the extension from a previous version, refer to the section Upgrading the Connector.

Note that [Infiniti Produce Path] refers to the installation path on the web server running Infiniti, where the Produce site has been installed. By default this is c:\inetpub\wwwroot\infiniti\produce however may vary from environment to environment. Equally, [Infiniti Manage Path] refers to where the Manage site has been installed.

Installing the Connector

How to install the ActiveDirectory Connector

  1. Copy the files listed above into the following folder on the Infiniti web server:
    [Infiniti Produce Path]\bin

  2. Using a text editor such as Notepad, open the following file:
    [Infiniti Produce Path]\appsettings.json

  3. Locate the <Extensions> section and add the following entries:

"ActiveDirectoryConnector.Datasource,ActiveDirectoryConnector",
"ActiveDirectoryConnector.CreateUserAction,ActiveDirectoryConnector",
"ActiveDirectoryConnector.EditUserAction,ActiveDirectoryConnector",
"ActiveDirectoryConnector.DeleteUserAction, ActiveDirectoryConnector",
"ActiveDirectoryConnector.CreateGroupAction,ActiveDirectoryConnector",
"ActiveDirectoryConnector.EditGroupAction,ActiveDirectoryConnector",
"ActiveDirectoryConnector.DeleteGroupAction, ActiveDirectoryConnector"

  1. Copy the files listed above into the following folder on the Infiniti web server:
    [Infiniti Manage Path]\bin

  2. Using a text editor such as Notepad, open the following file:
    [Infiniti Manage Path]\appsettings.json

  3. Locate the <Extensions> section and add the same entries as above.

Using a web browser, navigate to the Infiniti Produce application and Infiniti Manage to allow the system to register the Connector.

In Manage, go to Settings -> Connector Settings -> Select the Active Directory Connector and complete the 3 required settings. If at least one of these is not provided, the connector will attempt to use Windows Authentication of the user currently logged in. This option is not recommended for production.

The Connector should now be installed, ready for configuration and usage.

Upgrading the Connector

If your Infiniti environment is already running an earlier version of the Active Directory connector and you are simply upgrading to a new version for Infiniti version 10, please follow these simple upgrade steps below.

How to upgrade a Legacy Active Directory Connector

  1. Make sure you remove all files of the current Active Directory Connector from your Infiniti web server. Navigate to your [Infiniti Produce Path]\bin folder, then remove these following files:
  • ActiveDirectoryConnector.dll
  1. Navigate to your [Infiniti Manage Path]\bin folder, then remove the same files listed in Step 1.
  2. Using a text editor such as Notepad, open [Infiniti Manage Path]\appsettings.json. Locate the “Extensions” section of the appsettings.json file and replace all legacy entries related to the ACtive Directory Connector with the lines specified in the standard installation instructions above. Locate all Legacy Action sections related to the Active Directory Connector and remove them.
  3. Repeat the same processes in the [Infiniti Produce Path].

Using the Active Directory Connector

Actions

The connector contains a series of actions to create, edit and delete users. Once the connector is installed, these will be available for use in Design. Required inputs are indicated by a star symbol at the end of the input key.

Create AD User Action

This action requires an Account Name and Email and can take any number of optional attributes.

  • Account Name* : This is the new users Account Name and will be populated as the SamAccountName AD parameter.
  • Email* : The new user's email address
  • Enable user? : True or False - Defaults to True.
  • Expire Password? : True or False - Defaults to False.
  • Firstname/Surname/Password: These are optional but recommended self explanatory inputs.
  • OU : The Organisation Unit.
  • Template Username: The SamAccountName of a template user that can be used as an example user for generic account creation.
  • Other Attributes name=value: This is a key input, that can take any number of inputs as text values in the format 'name=value'. An example could be 'GivenName=John'. The name must match existing AD user account parameters.
Edit AD User Action

This action requires an Account Name and Email and can take any number of optional attributes.

  • Account Name* : This is the new users Account Name and will be populated as the SamAccountName AD parameter.
  • Enable user? : True or False - Defaults to True.
  • Expire Password? : True or False - Defaults to False.
  • Group Name to Add: Add user to named group.
  • Group Name to Remove: Remove user from named group.
  • OU : The Organisation Unit.
  • Other Attributes name=value: This is a key input, that can take any number of inputs as text values in the format 'name=value'. An example could be 'GivenName=John'. The name must match existing AD user account parameters.
Delete AD User Action

This action takes only the Account Name (AD's SamAccountName) as input and deletes the user.

Data Sources

This Data Source contains a series of Object Types (User, Group) which related broadly with what sort of item the data source should return. Then,
each object type contains a list of object names, which are essentially the various methods associated with returning this type of object.

When setting up the various data source objects, the designer should select the object type they are looking for, and the corresponding object name for their use case.

These are brief descriptions of the various Data source method names available in this connector. All filter fields are prefixed by an @ symbol.

User Searcher

The primary method to search for users. It's designed to be as efficient as possible and to be potentially used as an Autocomplete data source type.
The number of available filters is limited to the most common use cases. If for more information on users is required, please use the 'Get User Details' method
with an input obtained from this method.

This method takes a user filter string, which is used to search for users, comparing against user's SamAccountName, Given Name, Surname and email address and returns a list
of unique users that match any of these. If the wildcard string is contained in any of these parameters, the user is returned.
A second optional input is the Minimum Characters field. Please set to an integer number of characters (e.g: @MinimumCharacters = 3). If specified, the datasource will only return results
once the User Filter field contains at least this many characters. This is in place to avoid triggering the data source on too few characters which may take too long.

Note: Use the 'No Data Text' data source optional field in Design to display a message when nothing is found or when the minimum number of characters has yet to be reached.

  • Filters:
    • @UserFilter
    • @MinimumCharacters

Get User Details

Obtains all the info for user of interest based on a unique Identifier that corresponds directly with one of the AD's standard parameters.
This Data source should use only a single filter field but 5 possibilities are given as options. The idea behind this object is that the designer
will use the 'User Searcher' to first find the user of interest, and then use one of the filters here to query the specific user for extra details.
This is the case because a lot of ADs contain a large number of users and querying all details for all of them takes a long time.

An example case would be: Using the 'User Searcher' to just return the user's account name and Guid, select a user of interest, and then configuring this data source
to grab further user details with the @Guid filter corresponding to the selected user's Guid.

  • Filters:
    • @SamAccountName
    • @UserPrincipalName
    • @DistinguishedName
    • @Sid
    • @Guid

Group Searcher

The primary method to search for groups. It's designed to be as efficient as possible and to be potentially used as an Autocomplete data source type.
The number of available filters is limited to the most common use cases. If for more information on groups is required, please use the 'Get Group Details' method
with an input obtained from this method. This method can take wildcard filters.

This will search for groups that contain the provided string in the group name as a wildcard.

  • Filters:
    • @GroupName

Get Group Details

Obtains the full group details for a provided group name.

  • Filters:
    • @GroupName

Get Members Of Group

Obtain a list of members belonging to the provided group name.

  • Filters:
    • @GroupName

Get User's List of Groups

Obtain a list of all groups a given user is a member of. The filter is the user's Guid. Suggestion: Use the 'User Searcher' method to first select the given user.

  • Filters:
    • @Guid

Search All Properties

Find all user properties based on a recursive search

  • Filters: @SearchSubtree -> Optional recursive search.

Get All OUs

Obtain the list of all Organisation Units created in the Active Directory

  • Filters:
    • @OU -> Filter by OU
    • @SearchSubtree -> Optionally do a recursive search.

Get Unique Usernames

Obtain all unique usernames based on a seed.

  • Filters: @Seed -> seed for username search.

Updated over 5 years ago