About AD mapping
AD mapping is a mapping wizard provided by inSync that is used to create inSync users by importing their details from an AD. In an AD mapping, you define filter parameters to extract user details from an AD. You also define the profile, storage, and quota that will be assigned to users that match the filter parameters.
The AD mapping wizard provides two ways of defining the AD filter parameters.
|Regular filter method||This method allows you to select the relevant options based on the available values in the drop-downs. The drop-downs are populated by inSync after querying the AD for the available options. You must enter details in a sequential fashion as selecting a previous field populates the drop-down in the next field. This is the recommended method for most organizations.|
|Manual filter method||This method allows you to enter the relevant options manually. It is recommended only if you are well conversant with your organizations AD structure. You can click Switch to manual AD filter under AD Configuration.|
Procedure for creating an AD mapping for IMD
To create an AD mapping
- On the inSync Admin Console menu bar, click Manage > AD Mappings.
- Click Create New. The Create AD Mapping wizard appears.
- Under AD Configuration, enter the following details and then click Next. While entering the details, make sure you adhere to the guidelines for defining AD configuration.
- AD mapping name: Specify a name for your AD mapping.
- AD server: Select the registered AD server.
- Base DN: Select the required Base DN.
- Organizational unit: Select the required Organization Unit.
- AD group: Select the required AD group.
- Department: If required, specify the department.
- Country: If required, specify the country.
- Name to be used for creation: Select the username format. You can either use common name or logon name as the username.
Note: If you choose to manually enter the AD Configuration details, make sure you type the LDAP distinguished name of the Base DN, Organizational unit, and AD group. For example, OU=Abhijit OU,DC=AD-cloud,DC=druva,DC=com. To find the distinguished name, open the AD object property window on the AD server, and find the distinguishedName field under the Attribute Editor tab.
- Under inSync Configuration, enter the following details:
- Profile: Select the profile to which the users imported through the AD will be assigned.
- Storage: Select the storage where data backed up from the user's devices will be backed up.
- Quota per user: Enter the quota for the users.
- Auto import new users: DO NOT select.
- Send activation email to newly added users: Select if you want inSync to send activation emails to the new users.
- Auto update existing users: Select if you want inSync to sync up with the AD at regular intervals and deactivate users who have been removed from the AD.
- Click Finish.
Guidelines for defining AD configuration for IMD
If you are creating an AD mapping for integrated mass deployment (IMD), make sure you adhere to the following guidelines.
- AD Mapping: DO NOT use an AD mapping that has been created for importing users. For IMD, create a new AD Mapping.
- Organizational Unit: Select an OU that has users directly listed under it. DO NOT select an OU with other OUs listed under it.
- AD Group: Select a group that has users directly listed under it. DO NOT select a group with other groups listed under it. IMD does not support nested groups. This means, users from a group that is added as a member in another group are not imported.
- Department: Select a department only if it has been defined in the AD, else leave the field empty. If you select a department that does not exist in the AD, users will not be imported.
- Country: Select a country only if it has been defined in the AD, else leave the field empty. If you select a country that does not exist in the AD, users will note be imported.
- Name to be used for creation: Select common name if you want to create inSync user names in first name and last name format. If you select logon name, inSync usernames will be same as the AD username.