Microsoft Active Directory connector
The Active Directory connector gathers data about users and devices from an Active Directory server. You can have multiple Active Directory connectors to pull data from various parts of the directory.
If there is device data already in Neurons from another source and you import device data from Active Directory, Neurons will reconcile the records so that you don't have duplicate device records.
What data is imported?
For devices:
- Device name
- Display name
- Domain name
- OS and OS version
- Host name
- Location
- Account expiration date
- Account lockout time
- Bad logon count
- Reversible password encryption allowed
- Delegation permitted
- Description
- Distinguished name
- GUID
- Home directory
- Home drive
- Last bad password attempt
- Last logon
- Last password set
- Name
- Password never expires
- Password not required
- SAM account name
- OS and OS version
- Script path
- Smartcard logon required
- Creation date
- Changed date
For users:
- Name
- Email address
- Account expiration date
- Account lockout time
- Reversible password encryption allowed
- Bad logon count
- Delegation permitted
- Department
- Job title
- Display name
- Distinguished name
- Division
- Employee ID
- Employee number
- Employee type
- Enabled
- Groups they are a member of
- GUID
- Home directory
- Home drive
- Last bad password attempt
- Last logon
- Last password set
- Manager
- Object category
- Physical office name
- Password never expires
- Password not required
- Prefix/title
- Room number
- SAM account name
- Smartcard logon required
- Login ID
- Phone number
- Creation date
- Changed date
- Location
For business units:
- Name
- Value
- Description
- Parent business unit
- Location
- Display name
- Distinguished name
- GUID
- IsSecurityGroup
- SAM account name
An Active Directory connector has the following options:
- Connector name. A name for the connector.
- Connector server name. The name of the connector server that this connector is associated with. Each connector can only be associated with one connector server. If you added the connector to a specific connector server, this field may be populated for you. Otherwise, you can select the connector server from the list.
- Domain name. The domain name for the Active Directory server.
- Set the base DN. The distinguished name for the location in the directory that you want to pull data from. The connector gathers user, device, and business unit data.
- User threshold and device threshold. To limit the amount of data that is gathered for Neurons, set a threshold for a specific number of days. The connector will not include records unless the user or device has been created, logged in, or updated during that time.
- Username and Password. Credentials to access Active Directory.
- Repeats. How often the connector should gather data.
- Start time. The time of day the connector should start running. To minimize the impact on your network and applications, we recommend that connectors generally run at night or on weekends.
- Active. Whether the connector is active or not. While the connector is active, it runs according to the schedule you create. If you clear the check box, the connector is inactive and will not gather data until the check box is enabled again and the connector is saved.
- Action Credentials. The credentials Ivanti Neurons uses to perform actions and queries on device or people records. The types of available actions and queries will depend on your specific work environment.
After this connector runs the first time, any subsequent scheduled runs will only gather records that have changed since the last time it ran. If you run the connector on demand (using the Run Now command or the Save and Run button), it refreshes the entire data set and not just changed records.
For details on configuring or using connectors, see Setting up connectors.