This repository has been archived by the owner. It is now read-only.
Kentico Active Directory Import Service provides real-time import of users and groups from the Active Directory database to users and roles in a Kentico.
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
ADImportService
.gitattributes
.gitignore
ADImportService.sln
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE.txt
README.md

README.md

Kentico AD Import Service

Build status first-timers-only

Kentico Active Directory Import Service provides real-time import of users and groups from the Active Directory database to users and roles in Kentico. The service is fully configurable through a configuration file.

Installation

Assuming that you have Kentico version 8.x installed, follow these steps:

  1. Enable REST service in Kentico settings with basic authentication
  2. Download the ADImportService.exe executable from releases (You might need to unblock it. Right click on ADImportService.exe, select properties and click unblock (screenshot).
  3. Open the command line and find the InstallUtil utility (most likely in C:\Windows\Microsoft.NET\Framework64\v4.0.x
  4. Execute the InstallUtil.exe <path to the ADImportService.exe> (e.g.: InstallUtil.exe C:\ADImportService\ADImportService.exe) command
  5. Create the C:\ProgramData\Kentico AD Import Service\configuration.xml file and copy the sample configuration there
  6. Open the configuration file and enter all required values
  7. Open Microsoft Management Console and start the Kentico AD Import Service

Immediately after starting, it gets the current users and groups and adds them to Kentico. Then it enables processing of asynchronous changes. If the application fails, it informs about the event in the Windows Event Log.

Configuration

Here is a sample configuration which you can copy to the configuration.xml file.

<ServiceConfiguration>
	<Listener DomainController="FQDN or IP of Domain Controller" 
	UseSsl="false" SslCertificateLocation="Path to .cer file">
		<Credentials>
			<UserName>UserName</UserName>
			<Password>Password</Password>
			<Domain>Domain</Domain>
		</Credentials>
	</Listener>
	<Rest UserName="Kentico user name" Password="Kentico password" 
	Encoding="utf-8" BaseUrl="http://localhost/Kentico8 (use https to ebnable SSL)" 
	SslCertificateLocation="Path to .cer file" />
	<UserAttributesBindings>
		<Binding Cms="FullName" Ldap="sAMAccountName" />
		<Binding Cms="UserGUID" Ldap="objectGUID" />
	</UserAttributesBindings>
	<GroupAttributesBindings>
		<Binding Cms="RoleDisplayName" Ldap="sAMAccountName" />
		<Binding Cms="RoleDescription" Ldap="description" />
		<Binding Cms="RoleGUID" Ldap="objectGUID" />
	</GroupAttributesBindings>
</ServiceConfiguration>

Common installation issues

If you're not able to run the service, make sure that

  • LDAP server is accessible
  • REST service is accessible (try to open it in your browser www.yourdomain.com/rest/cms.user)
  • Credentials are valid
  • Kentico user is able to modify users and roles
  • Windows user is able to read from AD database
  • Check the Windows Event log and Kentico Event log for error messages

Acknowledgement

The project is based on code developed by Tomas Hruby for his bachelor thesis (full text of the thesis in pdf).

Contributing

Want to improve the AD Import Service? Great! But make sure you read the contributing guidelines first.

If anything feels wrong or incomplete, please let us know. Create a new issue or submit a pull request.

Analytics