How to Configure Active Directory Sync
This KB article describes the steps necessary for configuring Active Directory (AD) synch with SAP Contact Center for the syncing of users or directory entries.
How it Works
Once everything is configured, there are two steps to the process:
- A windows job that is configured to run on some period basis (e.g. every 24 hours) which exports the selected AD entries to a flat file in a shared network drive/folder
- A Contact Center job that is configured to run on some period basis (after the first job) which imports the specified flat file into Contact Center)
Make a Shared Folder
The shared folder is required for the AD export job to save the AD file in (and so must have write access for that) and for the Contact Center job to read from the file (and so must have read access for that).
NOTE: Contact Center Cloud Edition does not have network trust or an AD account to request to read the share on your network and so the share must be created to allow anonymous access with no user/password. Here is a link to information on creating an anonymous share: http://nikolar.com/2015/03/10/creating-network-share-with-anonymous-access/
Exporting from Active Directory
Ldifde Tool
- Exporting makes use of a Microsoft supplied command-line tool called "Ldifde". For comprehensive description of this tool, refer to the following link: https://technet.microsoft.com/en-us/library/cc731033(v=ws.11).aspx
- This tool is enabled on Active Directory servers, and can be enabled on any server by adding Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS) server role.
- Running the tool from a command line requires an elevated command prompt (Run as administrator)
Here's an example of users in an Org Unit called ACME
Example command:
ldifde -v -n -u -f ldifde4.ldf -r "(&(objectCategory=person)(objectClass=User)(givenname=*)(company=ACME))" -l "cn,givenName,sn,telephoneNumber,mobile,mail,displayName"
This creates a file called ldifde4.ldf. This file can include the path to the share so that the file is saved directly to the share.
This command can be added to a batch file, and scheduled to run on some schedule using Windows scheduler.
Example command line output:
Example file created:
The next step is to setup the import into SAP Contact Center using the System Configurator tool.
Import Active Directory Users via System Configurator
Launch the system configurator and navigate to "System Tools > Import"
Select to Import "Users"
Note: To import Directory instead of Users, select "Directory"). This example is for users, but Directory is essentially the same. Review this page for more info: https://help.sap.com/viewer/b382b7dce2774c9aafdfda69f740b975/7.0/en-US/bd4165222bf4456c9f24c7bd3db30c0f.html
Select the User Group to load the user to and select the share folder/file for the Image Folder as shown below:
The mapping settings are shown on SC, start import by clicking ‘Start button.
If you run the import only once the mappings can be done here during the import or if the import is e.g. scheduled to happen every week/day the mappings can be saved into the import settings.
Mappings can be configured in System Tools > Import and Export Settings.
Use static mappings for some common settings e.g. Role, Settings (=User Setting Template), Time Zone etc.
After adding the mappings save the settings.
Complete list of variables which can be imported from AD and list of SAP Contact Center fields where the information can be used. Some of the SAP Contact Center fields can be mapped statically to all imported users like above the Role, TimeZone etc.:
When import is done you can see the result of the job:
By opening "User and Role Management" > "Users" you can see the newly imported users:
You can start the "User and Role Management" -> "Update Wizard" and find the newly imported users:
Step 1: Search:
Step 2: Select all found users and configure some user settings for the new users, several options available:
Step 3: Summary of selected changes/updates
Step 4: Result
For more information on AD Import see: https://help.sap.com/viewer/b382b7dce2774c9aafdfda69f740b975/7.0/en-US/96a01bc0b88e4537952b75f60e40df02.html
Scheduling the AD Import
Once the AD import has been done manually and it has been running without errors you can change it to be scheduled. Double click the successful job from the list.
Edit the schedule e.g. to be e.g. Daily and set the time (4:00 in this example) when it should run. Schedule the import job so that it is not overlapping with reporting jobs. See the System Configurator: System Services - Batch Job Server Settings.
Related Articles
How to configure a workstation to start using BCM
Prerequisites BCM client workstation need to have the Microsoft Internet Explorer software installed. Procedure of enabling a client workstation to start using BCM To enable using the software in the Internet Explorer, configure workstations in the ...How to Enable QoS for SAP Contact Center Servers and Communication Desktop (CDT)
How to Enable QoS for SAP Contact Center Communication Desktop (CDT) QoS or Quality of Service describes the way in which packets are tagged to ensure that network devices apply the correct prioritization, allowing the best possible experience when ...