OptimiDoc offers the automatic synchronization of users from the Active Directory (AD), OpenLDAP, Lotus Domino or CSV file. To import the user it is necessary to define AD or OpenLDAP configuration or CSV file and start the synchronization.


AD and OpenLDAP import


AD and OpenLDAP configuration are accessible from the Main menu in the Users menu or Configuration.


AD configuration parameters necessary for successful import:

  • Type - Type of connection - Active directory or OpenLDAP
  • Login - login name of the user with access to AD or OpenLDAP
  • Password - login password
  • Directory - directory of AD or OpenLDAP for user import
  • Domain - name of the domain from which the users shall be imported
  • Card attribute - attribute from which the card shall be imported
  • PIN attribute - attribute with user PIN
  • Groups for replication - definition of active directory group names for replication including the user assignment. They have to be exact group names as in AD, these groups are replicated and based on their settings you can set up access rights and restrictions. However these groups are reserved only for users from AD, you cannot add any other users there manually via OptimiDoc, it can be done only on AD side and then imported.
  • External ID attribute - External ID serves as the extra identity from another system in the report. i.e. Lets say there is a software, system for managing warehouse in company (or attendance system) that only works with i.e. employee ID such as (144,133), or so and you want to match data from multiple systems in Excel report or just add the data from another system to our standard report. That is where the customer can populate External ID for users in  Active directory attribute and import them into OptimiDoc (or do manual entry)
  • Default billing code - the default billing code of user imported from AD
  • User filter - means LDAP query e.g.  (&(objectClass=user)(memberOf=cn=Workers,ou=Test,dc=optimidoc,dc=local)) - which will import only users who are members of Group Workers in AD

Tip

List of attributes' names in AD - WEB.


Note

 AD synchronization imports only the users who have the First name and Last name fields set.


If you want to establish secure connection between OD and AD, you have to fill in domain input:  ldaps://<IP> or <domainname>:636


Your AD must support LDAPS (636 or 3269)


To start the import, click the Synchronize button.





Google Directory import


For more information on how to set up GSuite Directory synchronization go to this section.

Note

A problem description:

The customer noticed, that some accounts from AD are not replicated to OptimiDoc. Non-replicated account is not disabled. In AD cannot successfully find the duplicate values of attributes (e. g. email). Sub-question – which duplicates are checked?


The solution:

In AD it is necessary to set the attribute givenName. OptimiDoc requirement is: The name and surname of users must be filled, it is the reason for unexecuted replication.

The duplicates are normally written to log as follows: ERROR: Cannot create user Name Surname with Login: 'name.surname'.



CSV import


To import the users from a CSV file it is necessary to specify the Path to the file or select it by clicking the Browse button.


CSV file structure:

Login,GivenName,Surname,Department,Password,Email,Pin,HomeFolder,Card

login1,Name1,Surname1,Department1,Password1,Email1,PIN1,Folder1,Card1

login2,Name2,Surname2,Department2,Password2,Email2,PIN2,Folder2,Card2


the header is always required.





User import - Import status


AD/OpenLDAP/CSV import result is listed below the configuration.