/build/static/layout/Breadcrumb_cap_w.png

2023 KACE SMA AD LDAP - Import user's manager

While KACE can import an Active Directory users' manager, it imports the Distinguished Name of the manager, which means you can't link it to the KACE Manager field without causing problems.

There are previous guides on how to correct this, but they are outdated.

Step 1: Configure LDAP 

This is not a guide to setting up LDAP with KACE for the first time; this assumes you already have LDAP functioning with KACE.

In KACE SMA, single organization mode, go to: Settings > Control Panel > User Authentication

Click the alarm clock next to your LDAP sync entry; this will take you to a "User Import : Schedule" page

Make sure that, under "Attributes to retrieve", you have 'manager' (without quotes) listed, in addition to the other fields you are importing

Also make sure the import is set to run on a frequent basis (at least daily to keep your AD up to date)

Click Next

On the next page, make sure that Manager is set to "No Value", and Custom 4 is set to "manager"

Click Next, then click Finish

Step 2: Create Ticket Rule

In KACE SMA, single organization mode, go to: Service Desk > Configuration > Ticket Rules

  • This will default to a queue, I suggest choosing your helpdesk queue

Select Choose Action, then New (SQL)

  • Name: User Manager LDAP Update
  • Enabled: Checked
  • Select SQL: (Doesn't matter, I put in the following query) SELECT ASSET.ID, ASSET.ASSET_CLASS_ID, MACHINE.CS_MODEL FROM ASSET INNER JOIN MACHINE ON ASSET.NAME = MACHINE.NAME
  • Email Results: UNchecked
  • Append comment to ticket: UNchecked
  • Email each recipient in query results: UNchecked
  • Run Update Query: Checked (SQL below)
  • Recalculate Due Dates: UNchecked
  • Schedule Frequency: (at least daily, base off your LDAP import)
  • Schedule Next Run: (set for 15-30 minutes after your next scheduled LDAP import - don't forget to change the date to tomorrow if that's when your next LDAP import is)


Update SQL Query:

update

USER

inner join USER_FIELD_VALUE ufv /* Custom user fields stored in UFV table */

ON USER.ID = ufv.USER_ID /* Combine USER and USER_FIELD_VALUE tables */

  and ufv.FIELD_ID = 4 /* Manager name imported from LDAP into custom field 4 */

  and ufv.FIELD_VALUE <> '' /* Only bother if the custom_4 is not empty */

inner join USER mgr /* Manager's user entry */

ON SUBSTRING(ufv.FIELD_VALUE, 4, LOCATE(',', ufv.FIELD_VALUE) - 4) = mgr.FULL_NAME /* Return just the name part of custom_4 and find a user whose FULL_NAME matches */

set

  USER.MANAGER_ID = mgr.ID



Comments

This post is locked

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ