Active IQ Unified Manager Discussions

Has Anyone got AD groups into WFA

lopaka
16,374 Views

So I have a AD group I added it to WFA operators. But the only way I can get it to work is making the user login. Then I have to added them to the right categories ect. If someone knows how to pull AD group into WFA that would be great. I have tried to code it but I still get nothing. Any help on this would be great. Thanks

1 ACCEPTED SOLUTION

sinhaa
16,287 Views

 

Hi lopaka,

    I couldn't find my old dar file. So I made a new solution and I think I've done it better than what I had last time.

 

Let's see how it works.

 

Assigning Category access for Active Directory "WFA Operators Groups" is not available in WFA. Its only the individual operator users that can be done. And another problem that domain users in WFA are only created when they login. This is a  problem that the Admin needs to wait for operators users to login into WFA. 

 

This solution I'm providing is a workflow. A workflow which when executed will pull out all Users in the WFA Operators Groups for every LDAP server mentioned and get them into WFA as operators. Now you can assign Categories to them as you wish. You need not wait for them to login into WFA before assigning categories to them.

 

When the operators login using their respective Domain credentials, they will get access to categories just as you wanted them to be.

 

Prerequisites:

 

  1. You need Powershell 3.0 or above on your WFA server. Windows2012 by default has this. 
  2. Have the WFA Configurations defined for LDAP and Wfa Operators Users groups decided as you wish.
  3. Add credentials of a WFA ‘Admin’ user for ‘localhosthost

Match: Exact

Type: Other

Name/IP: localhost

Username: <WFA Admin Username>

Password: <User Password>

 

Credentials_localhost.png

 

 

 4. Add credentials for the Active Directory server. We need it to query the AD server for users in groups.

 

Match: Exact

Type: Other

Name/IP: <Active Directory Server IP>

Username: <Username>

Password: <Password>

 

AD.png

 

 

Now just import the attached WFA2_2_sinhaa__Workflow_Get_WFA_Ldap_Operator_Users.dar into your WFA server and Execute the workflow. It needs NO user inputs, just execute it.

 

Have fun.

 

sinhaa

 

 

 

 

 

 

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

15 REPLIES 15
Public