LDAP import wizard
You can use an LDAP import rule to connect to an LDAP data source, such as Active Directory, to import the most common types of data into your inventory database. A number of these rules install by default, but you may want to copy and edit them for your own specific needs.
This wizard includes an LDAP browser to help you easily find the information you need.
If you use VDI servers in your work environment, you can use this wizard to import data that helps determine which users need a particular software license. For more information, see VDI licensing overview.
Open the wizard by right-clicking LDAP Import in the DTS tree and selecting New rule. If you want to create a set of default LDAP rules, click Yes; otherwise click No, then enter a unique name and description for this rule and select the database where the rule will store the data it gathers. On the continuing pages, enter the following information:
Use this page to set up a connection to your LDAP data source.
- LDAP://: The path for the LDAP server, usually just a server name or IP address.
- Use anonymous access: An option to connect to the LDAP server anonymously; use only if you're required to.
- User name: The user name to connect to LDAP. For Active Directory, enter it in the form <domain>\<user>.
- Password: The password for the LDAP user.
Use this page to select the LDAP container that the rule will search in for LDAP property data to import.
- LDAP container: The LDAP container you want to search. Click the ellipsis (...) button to open an LDAP browser for searching LDAP objects in the current tree that you have rights to see. This LDAP browser is similar to the Active Directory Users and Computers browser.
To view all possible LDAP properties for this object type, browse to an LDAP object, right-click it in the right pane, and select View Properties.
- Search subcontainers: Subcontainers of the specified LDAP container that the rule will search. To search the entire tree, select this check box and leave the container field blank.
It's necessary to map an attribute to the property of an LDAP object type. You can select one of the two default mappings that are configured (User or Computer), or select Other to configure your own mappings.
- User: Maps the Computer.Login Name attribute to the SAMaccountName property for user objects.
- Computer: Maps the Computer.Device Name attribute to the cn property for computer objects.
- Other: Opens a dialog where you can customize the mapping between the database and an LDAP object. For example, you may want to use Computer.Primary Owner instead of Computer.Login Name for the Ivanti attribute. In this dialog, the Object type is the LDAP object to search for, the Ivanti attribute is the database attribute to use as a source for searching, and the LDAP property is a property that must match the attribute value.
- Create object if it does not exist: Creates a new record in the inventory database if one doesn't already match the LDAP object you're importing.
- Ignore disabled objects: Ignores disabled LDAP objects during an import.
This page lists the LDAP property data you're importing and the database attribute the data is mapped to. You can import data from as many LDAP properties as you want. Click the Add button to include an LDAP property in this list.
Once you've added all the LDAP property data you want to import, click the Finish button. Your new rule will appear in the LDAP Import > All Rules folder.
From this page, you can select the LDAP property data you want to import and the attribute it will be mapped to.
LDAP property: The property to take the data from.
Instead of property use static value: You may want to add a particular fixed value when importing, such as stating where the data came from or the location, regardless of what is in LDAP.
Value: The static value to use.
Database attribute: The attribute to map to.
VBScript textbox: You can use VBScript to modify the returned value (optional). Click the Test button to verify that the VBScript works.