How to schedule a regular LDAP import using ADS
How do I schedule a regular LDAP import using ADS?
One of the three Scheduled Jobs that are built in is
called "AccountSystem". Go to RedDot Server Manager ->Scheduled Jobs.
It synchronizes users with a directory service on a regulary basis.
This is the RQL from that built-in task:
<IODATA>
<ACCOUNTSYSTEM loginguid="[!guid_login!]"
action="importuser" guid="[#AccountSystemGuid#]" user="" pass=""
level="[#UserLevel#]" update="0" remove="[#Remove#]"
language="[#UserLanguage#]" import="1">
<PROJECTS>
<PROJECT guid="[#ProjectGUID#]"/>
</PROJECTS>
<GROUPS>
<GROUP guid="[#GroupGUID#]"/>
</GROUPS>
</ACCOUNTSYSTEM></IODATA>
(This is the same RQL statement that is used when you select a
directory service and click "Import User Accounts")
There are 3 possibilities when doing a directory service import.
(1) You can "update" (aka "synchronize") user accounts, which means
simply that existing users' full names and email addresses are
updated from the directory service. (2) You can import users, which
means new users in the directory are imported into RedDot. Or (3)
you can remove users, meaning that user accounts which were imported
into Reddot from the directory service, but which no longer exist,
will be deleted from RedDot also.
You can do any one or all three with that one RQL statement. The
three attributes "update", "remove", and "import" are the
corresponding RQL attributes, and they should be set to "1" or "0"
(yes or no).
Also, please note that any variable marked with [# #] needs to be
replace manually with the desired value. This value is usually a GUID. Specific GUID's can be found by clicking on the blue [i] icon in top right corner. For example, to locate a specific project GUID, go to RedDot Server Manager -> Administer Projects -> Highlight a project and select the blue information [i] icon in the top right corner. This will give you the project guid. Take this number and replace it within the RQL.
If you want to have multiple instances or groups, please duplicate the code as in the following example:
<PROJECT guid="" />
<PROJECT guid="" />
.....
<GROUP guid="" />
<GROUP guid="" />
Also, for the level="[#UserLevel#]", enter in a value of 1-5. This is the value you want your users to be imported as. 1 is Admin, 2 is Site Builder, 3 is Editor, 4 is Author and 5 is Visitor. We recommended using 4 or 5, and then changing the user to a higher level manually if desired.
[#AccountSystemGuid#] - This is the GUID of the directory service.
[#UserLanguage#] - It's the 3 character abbreviation (ex: ENU)
Also attached to this ticket is an informational document regarding LDAP and ADS which many customers find helpful.
