UK Business Transformation Customer Forum (ARIS & Alfabet)
Register
ARIS Process Mining in action - Live Demo
Register
ARIS User Group Meeting Wien (German)
Register
View all
Join now

LDAP integration in ARIS

CR
Posted by CHETHAN RAO
Posted on in Professional ARIS

Hi ,

I am trying to integrate LDAP in ARIS 9 and I am able to make a connection between ARIS and LDAP system.

Regarding the user group details,I have given the below details in the UMC Configuration

 

User Search Path: OU=Hosting,dc=dir,dc=example,dc=com

User search filter : (&(sAMAccountName=*))(&(objectclass=group)(memberOf=CN=<Usergroup>,OU=Admin,OU=Hosting,DC=dir,DC=example,DC=com))

I have activated the LDAP also.

But when tried to import the users I'm getting the message as Zero users imported. I have checked the user group and it contains 3 users.

I have also tried to run the LDAP batch file(y-ldapsync.bat) which is available in 

D:\softwareAG\ARIS9.8\server\bin\work\work_umcadmin_m\tools\bin using command prompt I get the same message.

Below is the command used to import the users,

y-ldapsync.bat -s http://my_aris_host.com -t default importUsers -u system -p manager -f (cn=userID)

Can anyone please tell me if I have missed out anything and why I'm getting zero users while importing.

 

Thanks and Regards,

Chethan Rao.

18.7k
3
Profile picture for user smarty
by Martin Schröder
Badge for 'Contributor' achievement
Posted on Fri, 12/09/2016 - 13:25

Hello Chetan,

apart from one too many parenthese

 (&(sAMAccountName=*) ) (&(objectclass=group)(memberOf=CN=<Usergroup>,OU=Admin,OU=Hosting,DC=dir,DC=example,DC=com))

your User search filter should only specify the memberOf attribute, not the (objectclass=group) term: 

(&(sAMAccountName=*)(memberOf=CN=<Usergroup>,OU=Admin,OU=Hosting,DC=dir,DC=example,DC=com))

i.e. take any Account Name that is member of <Usergroup>...

re y-ldapsync.bat

parameter -f should be the same User search filter, but I do not know if special characters must be masked like "\=" as you can see in the UMCConfig.properties file exported from UMC.

-f (cn=userID) looks like the example from the Admin Guide, but there userID is a placeholder for a real Account Name in your directory service

the 2nd Admin Guide syntax example states "...-f (cn=*)" in order to import all users from a LDAP directory.

Hope this helps, Martin

0
CR
by CHETHAN RAO Author
Posted on Mon, 12/19/2016 - 14:01

Hi Martin ,

Thanks for the solution, I have tried the User search filter suggested by you but still the result is the same(0 users were imported).

In addition I tried to find all the users irrespective of groups, by just giving the user search path without the group filter and I was able to see all the users. It is something in the search filter which is not correct.

 

Regards,

Chethan Rao.

0
Profile picture for user Dilcarina Duarte
by Dilcarina Duarte
Posted on Thu, 05/25/2017 - 12:39

Hello CHETHAN RAO!

Could you please share your filter? We have the same problem and we cant find the solution.

When we try to run the default filter (&(sAMAccountName=*)) on AD machine we are able to see the users but when we try the same filter on umc (import LDAP) we are not.

Regards,

Dilcarina Duarte

0

Featured achievement

Rookie
Say hello to the ARIS Community! Personalize your community experience by following forums or tags, liking a post or uploading a profile picture.
Recent Unlocks

Leaderboard

|

View posts by tag

icon-arrow-down icon-arrow-cerulean-left icon-arrow-cerulean-right icon-arrow-down icon-arrow-left icon-arrow-right icon-arrow icon-back icon-close icon-comments icon-correct-answer icon-tick icon-download icon-facebook icon-flag icon-google-plus icon-hamburger icon-in icon-info icon-instagram icon-login-true icon-login icon-mail-notification icon-mail icon-mortarboard icon-newsletter icon-notification icon-pinterest icon-plus icon-rss icon-search icon-share icon-shield icon-snapchat icon-star icon-tutorials icon-twitter icon-universities icon-videos icon-views icon-whatsapp icon-xing icon-youtube icon-jobs icon-heart icon-heart2 aris-express bpm-glossary help-intro help-design Process_Mining_Icon help-publishing help-administration help-dashboarding help-archive help-risk icon-knowledge icon-question icon-events icon-message icon-more icon-pencil forum-icon icon-lock