Jump to content

Search the Community

Showing results for tags 'ldap'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Hornbill Platform and Applications
    • OpenForWork
    • Announcements
    • Blog Article Discussions
    • General Non-Product Discussions
    • Application Beta Program
    • Collaboration
    • Employee Portal
    • Service Manager
    • IT Operations Management
    • Project Manager
    • Supplier Manager
    • Customer Manager
    • Document Manager
    • Timesheet Manager
    • Live Chat
    • Board Manager
    • Mobile Apps
    • System Administration
    • Integration Connectors, API & Webhooks
    • Performance Analytics
    • Hornbill Switch On & Implementation Questions
    • GRC Manager
  • About the Forum
    • Announcements
    • Suggestions and Feedback
    • Problems and Questions
  • Gamers Club's Games
  • Gamers Club's LFT

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start








Website URL





Found 22 results

  1. I have a user that has left the organisation so there account has been disabled in the AD linked to Hornbill by the LDAP Import tool. We have a LDAP import which updates the status of the Hornbill accounts to archived when the AD account is disabled, but this is failing for a specific user as the User created documents in Document Manager and the LDAP log is reporting an error as it is not able to archive the user as it 'owns documents'. How can I take ownership of the documents that the user created so that the account can be disabled? Cheers Martyn
  2. We are experiencing an issue when trying to setup and run the SQL User Import, to upload new users from LDAP on a regular basis. We are getting the attached error: We’ve looked on the forum and there was one instance of this, but appeared to be resolved over 12 months ago with a change to the routine on the Hornbill side. Can someone from the support team or integration experts please look at this? thanks Neil
  3. Hi, I need to set accounts from basic to user based on AD Extension Attribute 1. The attribute is set to add an account to one of two groups to determine what services they have access to. I now need one of these groups to be made full accounts and not the other. Is this possible? Thanks, Dan
  4. Hi All, We are having a slight issue with an undetermined number of users, Our userbase has a large number of contracts included that will all have different email addresses, when doing our LDAP import it is picking up from the Users Email Address within Active Directory. The problem with this is that it may not match the e-mail address they are sending from. Is there anyway for us to map the primary SMTP within AD to the Email field within Hornbill? Thank you in advance for any help.
  5. As in the wiki, we can Associate a group to Hornbill user accounts, but can we associate multiple groups? For example, if we want to assign a service to IT Services, but another specifically to IT Infrastructure could we look at [department] for their department (IT Services) and [extensionAttribute11] for the team (IT Infrastructure) and have both assigned at import time? If so, is it as simple as: "OrgLookup":{ "Action":"Both", "Enabled":false, "Attribute":"[department]", "Type":2, "Membership":"member", "TasksView":true, "TasksAction":true, "OnlyOneGroupAssignment":false "Action":"Both", "Enabled":false, "Attribute":"[extensionAttribute11]", "Type":1, "Membership":"member", "TasksView":true, "TasksAction":true, "OnlyOneGroupAssignment":false }
  6. Would it be possible to have the ability to use an AD's user parent Organisational Unit (OU) name in the OrgLookup section of the LDAP importer? Cheers Martyn
  7. Is anyone else importing users 'countryCode' AD value into the Hornbill using the LDAP Importer tool? I keep getting errors when attempting to set this up. I have added the attribute to the 'LDAPAttributes' section and then attempting to map this in the 'UserMapping' section but get an error for all users. The values are the numeric ones held in AD. Is the platform expecting some other format? Cheers Martyn
  8. Hi all, @Victor @James Ainsworth (apologies for the name dropping) When importing managers from our AD (using the 'manager' attribute) it is pulling the CN distinguished name as is from our AD rather than looking up an actual user. When looking up the user in Service Manager I get the error "The value in element <userId> did not meet the required input pattern constraints. at location '/methodCall/params/userId'" Is there something I need to change on our config.json file? As the default syntax for 'manager' is distinguished name I really don't want to change it. Thanks Dan
  9. Hi all, I have created a new LDAP import to pick up users in a specific OU. It works fine for most users but some (6 in this case) are not created with the following error message: Unable to Create User: The element <password> was not expected at location '/methodCall/params/password' Does anyone have any ideas? @Victor @Steven Boardman @TrevorKillick Sorry for the tags but this is quite urgent as it has failed to create a user I need to test log in with tomorrow morning. Thanks Dan
  10. We recently started using Trend Micro's cloud proxy and since then the LDAP sync has stopped working I had a look at the wiki and made some changes and now it does seem to be connecting but it still isn't uploading the data I've attached a copy of what I get when running the sync
  11. We currently use single sign on via ADFS and LDAP Import to manage our authentication process into Hornbill. At the moment users will be stopped from logging in to Hornbill when there AD account is disabled, but if the user already has a connection open to Hornbill prior to the account being disabled they are able to continue to use the system. Is it currently possible via the LDAP Importer to update the Hornbill User's status to suspended based on the AD Disabled attribute and secondly if a Hornbill account is suspended when a user is logged in do they get logged out? Cheers Martyn
  12. Hi all, We are almost ready to setup a Task Schedule to start importing Users live from our AD in to Hornbill. I have a question about how the "LDAP_User_Import.exe" utility works with handling existing Users already in the Hornbill system (in our Instance). If a User already exists, what happens to that existing Hornbill Account during Import? Does it get overwritten in all areas, only some areas, or not at all? Are any of these options configurable? Thanks, Lee
  13. Hello, We have set up a nightly sync between our Active Directory and Hornbill and it is working ok but... How do we populate the 'Organisations' tab on the users profile? We use this on our reports. Thank you, Dan
  14. Hi all, So today marks my first time working with LDAP and I am having a little trouble. I have managed to get it to see the LDAP server and the credentials are correct and I am not getting any credentials error. However when I run the Hornbill app (from CMD as Admin as a dryrun) I get the following error after 'Finished message 2': [ERROR] Search Error: LDAP Result Code 201 "ErrorNetwork": Invalid packet format I have no idea what it means at all. I have tried leaving the ConnectionType as blank and changing it (and the port numbers) to SSL with no joy. All the Infrastructure guys are away this week so I am sort of running around in the dark with this as the moment. Any help appreciated. Thanks Dan
  15. Hi @TrevorKillick, Based on your experience of the LDAP import utility, is it possible to change it so that when a user changes department, the utility updates the profile accordingly? At the moment, it only adds the new department. This forces us to run a report on a regular basis to clean these profiles. With 4000+ users, you can imagine the amount of time I am going to spend on this Any ideas are welcomed! Thanks
  16. Hi, Following issues with the ldap user import utility, I had a look a the source code to try and determine the source of the problem. It turns out it is proxy related. So my question is the following: once you get the list of profiles from the AD, you have a loop that checks if the user already exists and the update or create. Instead of opening a connection, updating / creating a user profile and closing the connection every time you call a web method on the API, would it be possible to open a single connection and close it upon completion or error? The reason I am asking is because the current method generates a lot of login / logout for, from my perspective, no real reasons. What do you think? Thanks, Lyonel
  17. Hi, Since the recent changes to Service Manage Admin console something has stopped working in our LDAP user import script (old version - before the introduction of the API). I set it up so that it could pull in multiple organisations for users. i.e. each user gets added to the Company OU based on [company], then added to Office OU based on [physicalDeliveryOfficeName], then added to a Department OU based on [Department] AD fields. This was previously working for all three but I've just noticed that it has stopped doing this and is now only adding each user to the last OrgLookup entry in the conf.json script (in the attached scripts case it would be the Department) Due to the Hornbill admin console update I thought it may have been the cause if you guys changed anything on your end, so I have created a new script with the new version of the import tool. (see attached the new version of the script) But the same thing is happening, so to sum up I need the script to add every user to 3 different organisations based on ldap/AD lookups and I know this was previously working but if you are aware of any changes on your end limiting the amount of OrgLookups or how it is processed please let me know how I can get it to do what we need. Can you help please? Thanks, James HLconf.json
  18. Hello, I wasnt involved with the initial setting up of Hornbill in our organisation but when the users were imported, they only had the "Basic User Role" assigned to them. But they cannot access the basics of the Customer Portal using it. I added "Self Service User" to the LDAP Conf file on Friday, we have it scheduled to run at 5:30 every night so coming in today i've seen that it hasnt worked. I just did a dry run, and can confirm that it hasnt applied the Self Service User job role to all of the users. Conf File { "UserName": "********", "Password": ""********",", "InstanceId": ""********",", "UpdateUserType":false, "LDAPConf": { "Server": ""********",", "UserName": ""********",", "Password": ""********",", "Port": "********",, "Filter": "(objectClass=user)", "DSN": "OU=Users,OU=Users & Desktops,OU="********",,DC="********",,DC="********",,DC="********"," }, "LDAPMapping":{ "UserId":"[sAMAccountName]", "UserType":"basic", "Name":"[cn]", "Password":"", "FirstName":"[givenName]", "LastName":"[sn]", "JobTitle":"[title]", "Site":"", "Phone":"[telephoneNumber]", "Email":"[mail]", "Mobile":"[mobile]", "AbsenceMessage":"", "TimeZone":"", "Language":"", "DateTimeFormat":"", "DateFormat":"", "TimeFormat":"", "CurrencySymbol":"", "CountryCode":"" }, "LDAPAttirubutes":[ "cn", "sn", "sAMAccountName", "userPrincipalName", "givenName", "description", "mobile", "title", "telephoneNumber", "mail" ], "Roles":[ "Basic User Role", "Self Service User" ], "SiteLookup":{ "Enabled": false, "Attribute":"" } } Log File 2016/05/16 11:21:05 [DEBUG] ---- XMLMC LDAP Import Utility V1.4.0 ---- 2016/05/16 11:21:05 [DEBUG] Flag - Config File conf.json 2016/05/16 11:21:05 [DEBUG] Flag - Zone eur 2016/05/16 11:21:05 [DEBUG] Flag - Dry Run true 2016/05/16 11:21:05 [DEBUG] Loading Config File: C:\TEMP\Hornbill/conf.json 2016/05/16 11:21:05 [DEBUG] Logging Into: https://eurapi.hornbill.com/********/xmlmc/ 2016/05/16 11:21:05 [DEBUG] UserName: ******** 2016/05/16 11:21:05 [DEBUG] Connecting Server: ******** 2016/05/16 11:21:06 [DEBUG] LDAP Results: 1591 2016/05/16 11:21:06 [DEBUG] Processing Users 2016/05/16 11:21:06 [DEBUG] LDAP User Record dn: CN=******** ********,OU=Users,OU=Users & Desktops,OU=********,DC=********,DC=********,DC=******** cn: ******** ******** sn: ******** title: ******** ******** description: ******** ******** ******** telephoneNumber: ******** ******** ******** givenName: ******** sAMAccountName: ******** userPrincipalName: ******** mail: ******** ---- Can someone advise? I feel like i'm missing something. Thanks, Samuel
  19. We have a user that has had their name changed (married) on AD however we now have two entries on the Hornbill user list. There doesn't seem to be an option to either merge or edit the accounts? We want to retain the ticket information for this user so ideally don't want to delete the old one.
  20. Is there any documentation of the LDAP Import tool 'Filter' configuration syntax or details from the component us are using to access the LDAP directory? I have had some joy in using the syntax from Microsoft Active Directory documentation https://msdn.microsoft.com/en-us/library/windows/desktop/aa746475(v=vs.85).aspx But are having a issue with some of the operation such as excluding certain OU containers when using the Scope=2 setting to recursively scan the sub tree. At the moment I can get the following to work to scan the sub tree and exclude all disabled accounts:- "Scope": 2, "DerefAliases": 1, "SizeLimit": 0, "TimeLimit": 0, "TypesOnly": false, "Filter": "(&(objectCategory=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", But if I add the extra criteria of (!(ou=HR)) the import still accepts the filter as valid but does not filter out the users contained with the HR ou. Cheers Martyn
  21. gwynne


    First Question: Does the ldap update fields that change in AD to Hornbill? If it does I have changed a bit of the ldap scrip to bring in the DDI rather than the Extension in the phone field however the users in hornbill are not getting the updated data?
  22. Is it possible to get the LDAP User Import tool to support multiple DSN entries so you an import in one iteration from a structured user directory were you have multiple containers within OU=Users? Alternatively is it possible to get the import tool to recursively search down from the specified DSN? At the moment we will have to create a conf.json configuration file for each leaf level user container within our structured User container. Cheers Martyn
  • Create New...