Embed Size (px)
Citation preview
FS-PS-FSAD-IG-201310--R001.00
Fairsail Implementer
Fairsail to Active Directory Synchronization
Version 1.0
Fairsail to Active Directory Synchronization © Fairsail 2013 2
© Fairsail 2013. All rights reserved.
This document contains information proprietary to Fairsail and may not be reproduced, disclosed, or used in whole or in part without the written permission of Fairsail.
Software, including but not limited to the code, user interface, structure, sequence, and organization, and documentation are protected by national copyright laws and international treaty provisions. This document is subject to U.S. and other national export regulations.
Fairsail takes care to ensure that the information in this document is accurate, but Fairsail does not guarantee the accuracy of the information or that use of the information will ensure correct and faultless operation of the service to which it relates. Fairsail, its agents and employees, shall not be held liable to or through any user for any loss or damage whatsoever resulting from reliance on the information contained in this document.
Nothing in this document alters the legal obligations, responsibilities or relationship between you and Fairsail as set out in the contract existing between us.
This document may contain screenshots captured from a standard Fairsail system populated with fictional characters and using licensed personal images. Any resemblance to real people is coincidental and unintended.
All trademarks and service marks mentioned in this document belong to their corresponding owners.
FS-PS-FSAD-IG-201310--R001.00
Contents
Fairsail to Active Directory Synchronization © Fairsail 2013 3
Contents
Introduction 4
Pre-requisites 5
Sample Script 7
Overview 7
Sample Script Summary 8
Declare Parameters 8
Define Query 9
Write Data to XML 9 Create Data Object for CSV 10
Populate CSV Data Object 10
Export Data to CSV FIle 11
Import CSV File to Active Directory 12
Index 13
Fairsail to Active Directory Synchronization © Fairsail 2013 4
Introduction Fairsail provides customized Windows PowerShell scripts to enable you to synchronize your Active Directory content with Fairsail. Fairsail, as the HR system of record, acts as the master source of data. Typically, scripts are automated to run at a regular interval to ensure that your Active Directory is kept up to date as Team Members leave, and new hires join.
Scripts handle authentication to enable the safe acquisition and import of data through your firewall.
The outline process is:
1. Ensure pre-requisites are met (see page 5).
2. Install the script on a server with Active Directory.
3. Schedule and run the script
4. The script extracts data from Fairsail and writes it to a .csv file.
5. The script imports the .csv file into Active Directory.
An indicative overall process flow is:
Fairsail to Active Directory Synchronization © Fairsail 2013 5
Pre-requisites
Action Why How
Fairsail Actions
Set up a User Account with remote access privileges.
To enable the script to authenticate Fairsail. Fairsail login details are set as parameters in the script.
Go to Setup > Administration Setup > Manage Users > Users
Set up a Remote Access app for cURL.
To enable access to cURL on the Active Directory server.
Go to Setup > App Setup > Create > Apps Ensure client id and secret are set.
Install cURL (with SSL) on the server that will host the script.
cURL is used by the script to provide data access.
Download from: http://curl.haxx.se Ensure you have the correct version! cURL requires a security certificate in the same directory. You can download from here: http://curl.haxx.se/ca/cacert.pem
Customer Actions
Set up or designate a User Account with Administrator privileges.
To provide the account that accesses Active Directory for synchronization activity. The account must have permission to create and modify user accounts.
Ensure PowerShell is installed on the Active Directory server and runs in an elevated environment, configured to allow the use of scripts.
By default, PowerShell execution policy is Restricted and will not run scripts.
Set-ExecutionPolicy Unrestricted
Install Quest Active Directory plugins for PowerShell.
Extends PowerShell scripting with Active Directory specific cmdlets
Download from http://www.quest.com/powershell/activeroles-server.aspx
List the Active Directory fields that must be synchronized with data drawn from Fairsail.
These fields must be included in the script.
Set up or designate a place in an LDAP form to act as a container for new accounts.
Specify the domain name to be appended to accounts.
Enables the accounts to be correctly defined in Active Directory. The domain name is included in the script.
Pre-requisites Overview
Fairsail to Active Directory Synchronization © Fairsail 2013 6
Action Why How
Specify the standards to be followed for accounts. For example:
• Naming standard: Surname, FirstName, Middle Name; or FirstName, Surname.
• Password policy
Ensures that newly downloaded data conforms to existing Active Directory standards.
Fairsail Actions
Write the PowerShell script in line with customer requirements.
Test the PowerShell script. Ensures that customer expectations are met.
Fairsail to Active Directory Synchronization © Fairsail 2013 7
Sample Script Each PowerShell script is written by Fairsail to match individual customer requirements. This sample script is representative and includes a number of commonly occurring elements summarized in the Overview (see page 7).
Overview
Sample Script Sample Script Summary
Fairsail to Active Directory Synchronization © Fairsail 2013 8
Sample Script Summary
Declare Parameters
Sample Script Define Query
Fairsail to Active Directory Synchronization © Fairsail 2013 9
Define Query
Write Data to XML
Sample Script Create Data Object for CSV
Fairsail to Active Directory Synchronization © Fairsail 2013 10
Create Data Object for CSV
Populate CSV Data Object
Sample Script Export Data to CSV FIle
Fairsail to Active Directory Synchronization © Fairsail 2013 11
Export Data to CSV FIle
Sample Script Import CSV File to Active Directory
Fairsail to Active Directory Synchronization © Fairsail 2013 12
Import CSV File to Active Directory
Fairsail to Active Directory Synchronization © Fairsail 2013 13
IndexC Create Data Object for CSV • 14
D Declare Parameters • 11 Define Query • 12
E Export Data to CSV FIle • 16
I Import CSV File to Active Directory • 17 Introduction • 4
O Overview • 8, 9
P Populate CSV Data Object • 15 Pre-requisites • 5, 6
S Sample Script • 8 Sample Script Summary • 10
W Write Data to XML • 13
