Dataedo AD Kit
Dataedo AD Kit is a tool that can synchronize your Active Directory groups and users with Dataedo Portal groups and users.
In short Dataedo AD Kit reads configuration from the config file and based on it read users from the Active Directory and saves them to the Dataedo Portal.
Running AD Kit
Download the latest ADKit.exe
from our download page.
Enabling API Connection in Dataedo Portal
Firstly you need to enable API connection in Dataedo Portal System Settings. You will have to paste the token into the configuration file. It will be used by AD Kit to create, update and delete users in Dataedo Portal.
Configuration file
Create a new ADKit.conf
file in the same directory as ADKit.exe
. Copy and paste the content below.
[LDAP]
HOST = 192.168.0.1
PORT = 389
# DOMAIN = Dataedo
# You can use domain parameter alternatively to the HOST & PORT
# CONTAINER = OU
# You can specify a container in Active Directory to limit the AD scope
USERNAME = Dataedo\AD
PASSWORD = P@ssw0rd
[API]
TOKEN = eyJhbGciO...iJIUzI1
URL = https://your-web-catalog-domain.com:6000
# URL = http://localhost:8081/api/
# For localhost provide the address with a port and directory when needed
# You can find your API host in the page source in the Dataedo Web\Applications\UI
[SETTINGS]
AD_DISPLAY_NAME = displayName
# Name of the field in the Active Directory, which should be synced with the Dataedo Portal display name
AD_EMAIL = mail
# Name of the field in the Active Directory, which should be synced with the Dataedo Portal email
AD_GROUP = WebCatalog
# Name of the group in the Active Directory, which should be synced with the Dataedo Portal (source group)
WEB_GROUP = DataSteward
# Name of the group in the Dataedo Portal, to which users should be synced (target group)
# You can synchronize multiple Active Directory groups. To do that, add suffix "_<NUMBER>" to each AD_GROUP, WEB_GROUP pair:
# AD_GROUP_1 = WebCatalog
# WEB_GROUP_1 = DataSteward
# AD_GROUP_2 = WebView
# WEB_GROUP_2 = DataViewer
CREATE_USERS = True
# CREATE_USERS = True - create new users
# CREATE_USERS = False - only assign groups to existing users
DELETE_USERS = True
# DELETE_USERS = True - delete users who are deleted from the group. If multiple groups are synchronized, users who are not in any AD_GROUP and were removed from at least one WEB_GROUP are deleted from Dataedo Portal
# DELETE_USERS = False - only remove users from groups but leave them in the Dataedo Portal
Running ADKit.exe
Open PowerShell and change the directory to the one with ADKit.exe
and ADKit.conf
. Then simply execute the .exe
file.
There are a few arguments you can pass to the execution:
Option | Information |
---|---|
-q , --quiet |
Execute without showing any information (or errors). |
-i , --input |
Pass the path to the configuration file, like .\ADKit.exe -i C:\path\ADKit.conf |
-s , --simulate |
Do not execute any actions in the Web Catalog, but print everything on the screen |
-d , --debug |
Display more informations about errors |
--help |
Show help |
--version |
Show version |
Constant sync
If you would like to constantly sync Active Directory with Dataedo Web Catalog, schedule the execution of ADKit.exe
in Windows Scheduler to run for instance every hour.
Common problems
Error | Possible cause | Solution |
---|---|---|
Error: An invalid syntax has been specified. | Wrong CONTAINER in configuration file |
Fix the configuration file |
Error: Can't find group 'XXX' in WebCatalog | Wrong WEB_GROUP in configuration file |
Fix the configuration file |
Error: Can't find property: ... | Errors in the [LDAP] configuration |
Fix names of the fields or add them to the Active Directory |
Error: Failed to load configuration from file '...'. | Error in the configuration file (for instance duplicated lines) | Fix the configuration file |
Error: Group ... doesn't exist in Active Directory | ADKit was unable to find the specified group in the Active Directory | Fix the configuration file or add group to the AD |
Error: Response status code does not indicate success: 400 (Bad Request). | Wrong URL (for instance passed local IP to the URL) | Fix the configuration file |
Error: Response status code does not indicate success: 401 (Unauthorized). | Problems with Web Catalog token | Enable API connection (remember to click Save) |
Error: No connection could be made because the target machine actively refused it. | Error in the [API] configuration |
Fix the port number in configuration file |
Error: No such host is known. | Error in the [API] configuration |
Fix the hostname in configuration file |
Error: Response status code does not indicate success: 404 (Not Found) | Server with WebCatalog is not running | Enable the server where WebCatalog instance is running |