OptimiDoc offers the automatic synchronization of users from Active Directory (AD), OpenLDAP or CSV file. To import the user it is necessary to define AD or OpenLDAP configuration or CSV file and start the synchronization.



AD and OpenLDAP import

AD and OpenLDAP configuration is accessible from Main menu in Users menu or Configuration.


AD configuration parameters necessary for successful import:

  • Type - Type of connection - Active directory or OpenLDAP
  • Login - login name of user with access to AD or OpenLDAP
  • Password - login password
  • Directory - directory of AD or OpenLDAP for user import
  • Domain - name of the domain from which the users shall be imported
  • Card attribute- attribute from which the card shall be imported
  • PIN attribute - attribute with user PIN
  • Groups for replication - definition of active directory group names for replication including the user assignment


To start the import click the Synchronize button.


Note: AD synchronization imports only the users who have the First name and Last name fields set.


If you want to establish secure connection between OD and AD, you have to fill in domain input:  ldaps://<domainname>.local:636


Note: Your AD has to support LDAPS (636 or 3269)

Active directory example:

OpenLDAP example:


Notes:

Problem description:

The customer noticed, that some accounts from AD are not replicated to OptimiDoc. Non-replicated account is not disabled. In AD cannot succesfully find the duplicate values of attributes (e. g. e-mail). Sub-question – which duplicates are checked?


Solution:

In AD is necessary set the attribute givenName. OptimiDoc requirement is: The name and surname of users must be filled, it is the reson for unexecuted replication.

The duplicates are normally written to log as follows: ERROR: Cannot create user Name Surname with Login: 'name.surname'.




CSV import

To import the users from CSV file it is necessary to specify the Path to the file or select it by clicking the Browse button.


CSV file structure:

Login,GivenName,Surname,Department,Password,Email,Pin,HomeFolder,Card

login1,Name1,Surname1,Department1,Password1,Email1,PIN1,Folder1,Card1

login2,Name2,Surname2,Department2,Password2,Email2,PIN2,Folder2,Card2


the header is always required.



User import - Import status

AD/OpenLDAP/CSV import result is listed bellow the configuration.