Upgrade AD/LDAP Connectors for existing inSync Customers
Note: The availability of this feature may be limited based on the license type, region, and other criteria. To access this feature, contact your Druva Account Manager or Druva Support.
Overview
With the new AD management feature<<Doc link for 1st article>>, the integration with AD/LDAP Connectors and AD Accounts is centralized to manage Druva administrators efficiently by the DCP administrators.
The article provides information for the Administrators on upgrading the existing AD/LDAP connectors and their associated configuration through DCP (Druva Cloud Platform).
As an Endpoints & SaaS Apps administrator, ensure that all the connectors are upgraded by DCP administrators since you won't be able to modify the associated mappings with old connectors until the upgrade.
Administrator Rights
The AD Management feature changes the administrator’s management capabilities by centralizing the privileges for AD integration to Druva Cloud Administrators. Below are the privileges with respect to AD/LDAP integration and associated functionality.
Action |
Druva Cloud Administrator |
Workload (inSync) Administrators |
---|---|---|
Install Connector |
✅ |
❌ |
Upgrade Connector |
✅ |
❌ |
Modify Connector settings |
✅ |
❌ |
Register & Manage AD/LDAP Accounts <<DCP link>> |
✅ |
❌ |
Create & Manage Administrator Mappings <<DCP link>> |
✅ |
❌ |
Access AD Account |
✅ |
❌ |
✅ |
✅ |
|
Sync and manage users |
✅ |
✅ |
✅ |
✅ |
|
✅ |
✅ |
Upgrade old AD/LDAP connectors
The DCP Administrators must upgrade all the old AD/LDAP Connectors to allow the inSync & DCP Administrators to modify the mapping and related configuration.
The detailed steps for the DCP Administrator to upgrade old connectors are mentioned <<doc link>>
Note: If you have CloudCache mapping configured, it has an impact with old AD/LDAP connector integration. For more details, see <<CloudCache Server Impact>>.
Modify AD/LDAP Mappings
Once all the connectors are upgraded by the DCP administrator, you can access and modify the existing mappings linked to your new connector.
Create AD/LDAP Mappings
Once the DCP Admin upgrades all the connectors, you can create a new mapping for users
Before you begin
Ensure that you have completed the following configurations:
-
The AD/LDAP Connector is installed by DCP Administrators. For more information, see <DCP Link>.
-
The AD/LDAP Connector is configured by DCP Administrators. For more information, see <DCP Link>.
-
The AD/LDAP Connector is registered by DCP Administrators. For more information, see <DCP Link>.
-
A Profile is created by inSync Administrators. For more information, see Create a Profile.
To create a mapping:
Follow the steps mentioned in the Create a Mapping.
Reference Read:
-
Impact of CloudCache Server mapping on AD connector <<doc link>>