Connecting MiCollab IDS to Active Directory with Security Group Filtering

[mhumphries]

is it possible to filter the imported users based on Security group membership.
for example i would like to only import users that are part of say a MiCollab User Group.  we have users that are service account and some users that do not have phones at all and i do not want them imported into IDS.

[Tech Electronics]

mhumphries,

Imported users are via the Organizational Unit [OU] that you are looking at. So if you want only get certain members then just look at that OU or created an new OU that just has the information you are looking for.

Also you don't have to import them as actual users if you do Detain All Entries in the Bulk Detain Users form. That way you can use any OU that has all of the information and then you just need to sort through and pick the ones you want and delete the rest; of course they will come back when you perform another sync with the AD.

Thanks,

TE

[mhumphries]

so if we have users that do not have a phone,   and or service accounts then we have to manually update IDS?  how to large companies make this work?  it does not really make sense to have users in separate OUs just because they either do or do not have a phone. 

[Tech Electronics]

mhumphries,

Maybe I didn't understand what you were asking.

What I read is that you had users that you didn't want to import into the system and the OU that you were using didn't allow for that.

Most of the companies that I have worked with used a high level OU and when they did a synchronization it would put all of the users within the Bulk Detained Entries that they would sort through and allow only those they wanted; we never allow it to just pass through to the MiCollab as that would just create a lot of garbage.

If there is a better way then I would love to hear about it.

Sorry,

TE

[mhumphries]

so we have something like this

OU-CorpOffice
     OU-Users
          OU-Dept1
                USER1-with phone
                USER2-No Phone
          OU-Dept2
                USER3-With Phone
                USER4-No Phone

and i want to make sure that all the users that have phone get updated on a regular basis.  things like Dept. changes or password changes.  since we are approaching 200 users this becomes quite tedious to do this daily and frankly if a user changes their password i would like the system to sync every 15 min. and update that in MiCollab without my intervention.  however since we have some users with and without phones it seems that this may be a problem. i am hoping to get some answers soon.  if i get answers outside of this forum i will be sure to post.

[Tech Electronics]

mhumphries,

My assumption is that you would be using the OU-Users container for your synchronization.

It seems as though you want to just pass this information through instead of dealing with the Detained Entries, but you don't want pass through information for those users with No Phone; so do I have that correct? Are the users with No Phone set up as Contact in their Object Class?

By the way, the MiCollab server doesn't hold a users AD Password it just sends the request to the AD for it to verify it; no passwords are stored in the MiCollab from the AD.

Thanks,

TE