5 Replies Latest reply on Jul 22, 2016 7:42 AM by andreas.lindner

    LANDesk AD Automation Process (Export from LANDesk - AD)


      I am looking for a solution around a task that is growing bigger for us as roll out the system to more service desks.


      Currently we create new users in AD and export them to LANDesk and also run a sp that creates a network login. This is a requirement for our internal analysts to have SSO, this works perfectly for us and isn't an issue but then when we bring end users (customers) into scope the tasks becomes unmanageable.


      We have to create end users in our AD and run the sp to create the network login, the users don't have SSO but from my understanding we have to include AD because of the authentication issues of using LANDesk security.


      The above task is only going to get worse when you start to factor in changes to user details and more customers being moved to the new help desk so I am looking at what options we have...


      One suggestion was to use PowerShell that could export the new users (or changes) and then import them into AD, this sounds like a lot of work and I am not convinced we are the only organisation that requires SSO for internal users and a secure authentication/setup process for end users.


      Are we missing something?

        • 1. Re: LANDesk AD Automation Process (Export from LANDesk - AD)
          phoffmann SupportEmployee

          <Sorry - can't help here. Just moving the thread into the ITSM section, as it's more related to that, and not the Management Suite from what I can tell ?>

          • 2. Re: LANDesk AD Automation Process (Export from LANDesk - AD)

            Back in the day the majority of people would simply use an AD connector and import their user information directly into their user table inside Service Desk and populate all the relevant information like phone, department, email, etc...  This would happen directly instead of an export.  You can populate your separate user bases into separate companies and even customer/dept groups through the import.


            I might be missing something but would probably help us assist you to know the layout of the environment, whether connecting to one of these sources directly is a possibility, etc...

            • 3. Re: LANDesk AD Automation Process (Export from LANDesk - AD)
              andreas.lindner Expert

              Hi mkelbie,


              SBW is right, there still is an AD Connector that works really nice. Just have a look at the following document: Importing End Users and Analysts into Service Desk


              After that you just have to set up different Stored Procedures (or you can do it as one if you like) to link users to a default role, set the network login (you just happen to have this one already), to set default group membership and to set a default dashboard for EndUsers and Analysts (Insert a personal default dashboard for a specific user in WebAccess using a script).


              You can set the import schedule to import you users every day if you'd like and after that start the SPs via maintenance plan. Just make sure you leave enough time between end of the import and start of the maintenance plan.


              I hope we could set you on the right track!


              • 4. Re: LANDesk AD Automation Process (Export from LANDesk - AD)

                Are these steps to get users from AD to LD?


                Currently that is how we do it but with the thousands of customers (users) due to go LIVE on the system we have a lot of users to add in AD.


                What I want is to provide the functionality to service desks to create/edit new end users and feed that into AD.


                Our setup is very bespoke I believe, we have multiple service desks in our group/busines with their own customers, some customers have multiple products therefore log tickets to multiple services desks but the service desks are all isolated from each other.


                I want an analyst within a service desk to be able to create new users/customers and to get that record imported into AD.


                Analysts do not have access to AD and I need to reverse the current process because the number of end users we have is becoming an issue with only limited access to AD.

                • 5. Re: LANDesk AD Automation Process (Export from LANDesk - AD)
                  andreas.lindner Expert

                  Hi mkelbie,

                  yes, these are the steps to import from AD to LD. But if you need it vice versa, you need to use the so called Process Manager or aka. ALM. It is a separate product and can be roughly described as workflow tool that can link several systems, amongst them is Active Directory. Just take a look at this landing page: Asset Lifecycle and Process Manager


                  You can design a small process apart from LDSD that can create or update AD users. So for example you can set up a request, asking for the users data (surname, given name, phone, mail, mobile,...) and hand them over to the ALM via a web based service. Just take a look at the videos on the above landing page.