Steve Giller Posted October 25, 2018 Share Posted October 25, 2018 I'm way behind the curve and have only just upgraded to the latest LDAP import. What happened the first time it ran was that the Roles all reset to the four basic defaults I have, and all users reverted to Basic rather than Full. Which means I did something very wrong! This confuses me as I imported the working conf file from the old version - so I'm not sure exactly where I messed up, unless there's a new option that I have misconfigured or neglected to configure. { "User": { "AccountMapping": { "UserId": "[sAMAccountName]", "UserType": "basic", "Name": "[displayName]", "Password": "", "FirstName": "[givenName]", "LastName": "[sn]", "JobTitle": "[title]", "Site": "", "Phone": "", "Email": "[userPrincipalName]", "Mobile": "[mobile]", "AbsenceMessage": "", "TimeZone": "", "Language": "", "DateTimeFormat": "", "DateFormat": "", "TimeFormat": "", "CurrencySymbol": "", "CountryCode": "" }, "UserDN": "[distinguishedName]", "Type": { "Action": "Both", "Value": "user" }, "Status": { "Action": "Both", "Value": "active" }, "Role": { "Action": "Both", "Roles": [ "Basic User Role", "Self Service User", "Hornbill Authorised Guest", "Service Manager Authorised Guest" ] }, "ProfileMapping": { "MiddleName": "", "JobDescription": "[title]", "Manager": "", "WorkPhone": "", "Qualifications": "", "Interests": "", "Expertise": "", "Gender": "", "Dob": "", "Nationality": "", "Religion": "", "HomeTelephone": "", "SocialNetworkA": "", "SocialNetworkB": "", "SocialNetworkC": "", "SocialNetworkD": "", "SocialNetworkE": "[userPrincipalName]", "SocialNetworkF": "", "SocialNetworkG": "", "SocialNetworkH": "", "PersonalInterests": "", "homeAddress": "", "PersonalBlog": "", "Attrib1": "", "Attrib2": "", "Attrib3": "", "Attrib4": "", "Attrib5": "", "Attrib6": "", "Attrib7": "", "Attrib8": "" }, "Manager": { "Action": "Both", "Value": "[manager]", "Options": { "GetStringFromValue": { "Reverse": true, "Regex": "" }, "MatchAgainstDistinguishedName": true, "Search": { "Enable": false } } }, "Image": { "Action": "Both", "UploadType": "AD", "InsecureSkipVerify": true, "ImageType": "jpg", "Value": "[thumbnailPhoto]", "URI": "[thumbnailPhoto]" }, "Site": { "Action": "Both", "Value": "[streetAddress]" }, "Org": [ { "Options": { "OnlyOneGroupAssignment": false, "Type": 5, "Membership": "member", "TasksView": false, "TasksAction": false }, "Action": "Both", "Value": "Derby College" } ] }, "LDAP": { "Server": { "keySafeID": 10, "InsecureSkipVerify": false, "Debug": false, "ConnectionType": "SSL" }, "Query": { "Attributes": [ "cn", "distinguishedName", "sn", "telephoneNumber", "mobile", "sAMAccountName", "userPrincipalName", "givenName", "description", "department", "manager", "thumbnailPhoto", "sAMAccountName", "cn", "displayName", "givenName", "sn", "title", "userPrincipalName", "telephoneNumber", "mobile", "distinguishedName", "manager", "streetAddress", "description", "thumbnailPhoto", "physicalDeliveryOfficeName", "company", "department" ], "Scope": 2, "DerefAliases": 1, "TypesOnly": false, "SizeLimit": 0, "TimeLimit": 0, "Filter": "(objectClass=user)", "DSN": "OU=General User Accounts..." } }, "Advanced": { "LogLevel": 2, "LogRetention": 28, "PageSize": 500 }, "version": 4 } Anyone know where I messed up? Link to comment Share on other sites More sharing options...
samwoo Posted October 25, 2018 Share Posted October 25, 2018 @DeadMeatGF I'm not at my work PC at the moment so cannot double check if what I am saying is correct but have you configured the configs via the Hornbill Admin Tool? The configs are set up on Hornbill, then you use a .bat file (or in my case a powershell .PS1 file) to run the LDAP_Import and it points to the name of the config you set up on Hornbill in Administration. Link to comment Share on other sites More sharing options...
James Ainsworth Posted October 25, 2018 Share Posted October 25, 2018 As @samwoo suggests the configuration of the imports are now done from within the Administration portal. When you say you imported your previous config file, was this through the "Upload an Existing Configuration"? Link to comment Share on other sites More sharing options...
Steve Giller Posted October 26, 2018 Author Share Posted October 26, 2018 @samwoo @James Ainsworth I'm using the Admin Portal with the existing configuration uploaded from the old on-prem solution. Having slept on it I suspect having the "Type" Action set to "Create and Update" was the reason - if that is the case is this value best left to "No Action" or "Create Only" when this import is picking up new users? I assume a newly created user defaults to "Basic" Link to comment Share on other sites More sharing options...
Steve Giller Posted October 29, 2018 Author Share Posted October 29, 2018 @James Ainsworth Would my assumption above be correct? If so I can turn my import back one - if not I need to look at another way of not wiping out user privileges. Link to comment Share on other sites More sharing options...
Victor Posted October 29, 2018 Share Posted October 29, 2018 On 10/26/2018 at 8:34 AM, DeadMeatGF said: I suspect having the "Type" Action set to "Create and Update" was the reason Yes On 10/26/2018 at 8:34 AM, DeadMeatGF said: I assume a newly created user defaults to "Basic" Depends on the configuration in user account mapping... Link to comment Share on other sites More sharing options...
Steve Giller Posted October 30, 2018 Author Share Posted October 30, 2018 @Victor thanks for the confirmation - the import has been reinstated and nothing broke! Link to comment Share on other sites More sharing options...
Victor Posted October 30, 2018 Share Posted October 30, 2018 Phew... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now