Service Manager Active Directory Integration

Once Service Manager is deployed in the organization it can be integrated with other products, among which Exchange or other products of the System Center product family, to import data such as configuration items from Active Directory Domain Services (AD DS).

In this post I will show you the procedure to create the AD Connector so that Service Manager can import information about users defined in the Active Directory Domain Services database.

Service Manager Active Directory Connector Requisites

In order to create and configure the Service Manager Active Directory Connector you will need to create a Run As Account that needs to have read access to the OUs where users resides, as typically all users have this kind of permissions out of the box there is no need to delegate any special permission or make the user part of any administrative group.

To write this article I have used a user with the following data:

Full Name: Service Manager Run As Account – AD Connector

Username: SVC_SM_RAA_AD

Password: P@ssw0rd

Service Manager Active Directory Connector Account

[su_note note_color=”#ffff96″ text_color=”#000000″ radius=”5″]Note: In any infrastructure there is always a demand of a number of service accounts to run an application or a service and the need of a good standard naming convention in a future post I will show how this can easily be achieved  [/su_note]

Service Manager Active Directory Connector Configuration

Open the Service Manager Console and navigate to [Administration] / [Connectors] right click in the middle pane and select [Create Connector] / [Active Directory Connector]

Service Manager Active Directory Connector Creation

Just click Next on the first page of the wizard and assign a name to the Connector and make sure to select Enable this Connector

Service Manager Active Directory Connector Wizard

Service Manager Active Directory Connector Name

In the Domain or Organizational Unit page you can chose if the connector will be use the whole domain or a single Organizational Unit as the source for user account synchronizations in this example I will use a single OU

Service Manager Active Directory Connector OU

In the Credentials section click on the New button so to specify which account will be used to connect to Active Directory

Service Manager Active Directory Connector Service Account

Once done click Ok and then click on Test Credentials to make sure everything is working as intended and then lick the Next button

Service Manager Active Directory Connector Test Credentails

In the following window select All Computers, printers, users and user groups and again click on Next

Service Manager Active Directory Connector Select Objects

Review information in the Summary page and select Create if everything is correct

Service Manager Active Directory Connector Summary

Once the Service Manager Active Directory Connector has been created a synchronization will automatically start you can monitor the process in the event viewer, Service Manager writes events in the Operation Manager even log, the event you are looking for has ID 3339

Service Manager Active Directory Connector End Sync

You can check the status of synchronization directly from the Service Manager Console

Service Manager Active Directory Connector Console StatusFinally you can verify all objects have been synchronized opening the Service Manager Console navigating to [Configuration Items] / [Users]

Service Manager Active Directory Connector Users Synchronization

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s