Logo

Manually Sync Users from LDAP/AD

To automatically import users from an LDAP or AD  connection do the following. Note: this assumes there is one LDAP/AD connection setup on your instance of CloudBolt. If there are multiple, you may have to adjust the array index in line the "job_params.ldap = LDAPUtility.objects.all()[0]" to [1] or [2]. 

On the C2 server, run:

$ /opt/cloudbolt/manage.py shell_plus

Once you get a prompt, enter the following commands line-by-line:

job_params = SyncUsersFromLdapParameters.objects.create()
job_params.ldap = LDAPUtility.objects.all()[0]
job_params.failure_email_address = GlobalPreferences.get().cbadmin_email
job_params.save()
job = Job(type="sync_users_from_ldap", job_parameters=job_params )
job.save()

This will create a job that will connect to your LDAP server and import the users matching the search filter you provided.

Also keep in mind, by default AD limits the number of results returned, so if you try to import 1000+ users, AD will issue an error. To fix this error, you'll need to adjust this setting in your AD server.

 

Rick Kilcoyne -
Have more questions? Submit a request

4 Comments

Date Votes
  • 0
    Avatar
    Arsen Baiatian

    Hi 

    I have 3 LDAP/AD connections and by connections I mean 3 different LDAP domain authentication settings for the same AD.
    When you say ""job_params.ldap = LDAPUtility.objects.all()[0]" to [1] or [2]" for the multiple AD connections, do you mean these connections that I described or something else. If these - please advise where I can see which [0], [1] or [2] is assigned to them because in the Admin GUI, they are listed without being numbered. And if not - please clarify what you mean.
    Also, if I want to update an existing user would I use "update" instead of "create" in the following?

    job_params = SyncUsersFromLdapParameters.objects.create()

    Thank you

  • 1
    Avatar
    Kevin Delaney

    I know this is an old post but can this method be adapted to map a single user from AD..?

  • 0
    Avatar
    Lars Bjerke

    Hello @RickKilcoyne

    How would we take what you have above to see how many users are listed in the job_params?     

    I am installing a new CB instance to replace a much older version and want to pre-seed several users.  

    Even through I have a ldap filter that should only include about 200 users; when I click save in the UI, I see "Test search exceeded server defined size limits"  which has me worried these steps may try to import hundreds of extra users. 

    Thanks in Advance! 

  • 0
    Avatar
    Lars Bjerke

    figured it out:  len(job_params.ldap.getUserList())  

Please sign in to leave a comment.