User Tools

Site Tools


ldap_synchronization_tool

This is an old revision of the document!


Lucy LDAP Synchronization Tool

The Lucy LDAP Synchronization Tool is a Windows-based software for both a one-time sync or can be installed as a Windows service for periodic syncronization. It receives user data from your Active Directory environment, prepares and imports into a selected recipient group in Lucy.

:!: Currently only recipients import is supported.

System requirements

To install the Lucy LDAP Synchronization Tool, your computer must meet the minimum requirements below.

Processor 1 GHz or faster 32-bit (x86) or 64-bit (x64)
Operating System Windows 7 (x86, x64) or later
Server 2012 R2 (x64) or later
*Operating system must have .NET Framework 4.5 or later installed
Memory 1 GB RAM (32-bit) or 2 GB RAM (64-bit)
Disk Space 100 Mb or more

Install the Lucy LDAP Synchronization Tool

  1. Download the tool - lucyldapsynchronizationtool.zip
  2. Unpack then Run LucyLdapSynchronizationTool.msi file. If prompted by User Account Control, click Yes to allow
  3. On the Lucy LDAP Synchronization Tool Setup Wizard, click Next
  4. Confirm your desired installation path, then click Next
  5. Click Install. If prompted by User Account Control, click Yes to allow
  6. When the installation is complete, click Finish
  7. Once installed, the program icon will appear on your desktop and Start menu

Configure the Connection settings to Lucy

The first step is to configure the connection to your Lucy server by entering the following information:

  • Server - Domain name of Lucy's Admin console or IP address of Lucy server (e.g., lucydomain.com, 172.10.0.128). A custom port can be specified after the colon (e.g. lucydomain.com:8443)
  • Username and Password - Administrator login credentials

:!: Click on "Test connection" to validate the credentials.

When finished, click Next to create a new recipient group or select an existing one.

Select the recipient group to import

Once your сonnection settings are configured, select the recipient group into which recipients from Active Directory will be imported.

You may either select an existing group or create a new recipient group using the buttons "New recipient group" and "Delete recipient group".

:!: Please keep in mind that deleting any recipient groups using the tool may affect the statistics in your campaigns. Deletion cannot be undone.

Use Search filter to find an existing group.

:!: Note. Multiple group synchronization is not supported.

When you have selected a recipient group, click Next to configure the Active Directory settings.

Configure the Connection settings to Active Directory

Next, you need to configure the connection between the tool and your Active Directory by entering the following information:

  • Host - domain name or IP address of the domain controller (e.g., ldap.domain.local)
  • Port - (default: 389 or 636) LDAP port
  • Username and Password - current user login credentials or a specific set of user credentials
  • Use SSL - enable secure connection
  • Base DN - root node under which all of your user and group objects are located
  • Auth type - (default: Negotiate) method which is used to authenticate the LDAP connection

When finished, click Next to select an Active Directory group.

Select the Active Directory group to export

Once your Active Directory settings are configured, select the Active Directory group from which users will be imported into Lucy.

Select an existing group or use Filter to build your own query.

You may use regular Active Directory search filters, for example: (|(objectClass=inetOrgPerson)(objectClass=user)). See Microsoft Documentation for more info.

Click on "Test filter" to see the first 10 users received from Active Directory.

When you have selected the Active Directory group, click Next to see the overall settings.

Review the settings

Verify the settings and click Next when you are ready to start the import.

Finishing

Once the synchronization process is finished, you can observe the debug log.

Click on "Register service" to install the tool as a Windows service. When running as a Windows service, the tool performs the sync every 10 minutes (:!: not configurable in the current version).

To remove the service, run the tool once again and click "Remove service" on the Lucy connection settings step.

Default actions

By default, the tool performs the following actions when specific events happen to users in your Active Directory (the actions are not configurable in the current version):

  • When a new user in Active Directory is detected: Automatically create recipient in Lucy and add it to the selected recipient group.
  • When a user in Active Directory is deleted: Automatically delete recipient from Lucy
  • When a user in Active Directory is removed from group in filter: Automatically delete recipient from Lucy
  • When user information in Active Directory is changed: Automatically update existing recipient in Lucy with the new information.

Troubleshooting

  • Login error The remote server returned an error: (400) Bad Request

Possible reasons: The account used is not an administrator
Login or password is invalid.
Solution: Use an account with Administrator role.
Check your credentials or try another account
  • Login error The remote server returned an error: (401) Unauthorized

Possible reasons: Your IP address is not listed in the API whitelist
Solution: Add your computer IP address to API whitelist. Learn more here.
  • Connection error The LDAP server is unavailable

Possible reasons: Active Directory server is not accessable from your computer (behind a firewall).
Invalid credentials or insufficient permissions.
Solution: Run the tool while inside the corporate network or connect to it using VPN.
Check your account or use a different account.

Changelog

v1.0 (January 2020) - Released the first version of the tool

ldap_synchronization_tool.1579009426.txt.gz · Last modified: 2020/01/14 14:43 by lucy