To add a new import, click in the top-right corner. We currently support Microsoft Active Directory and Microsoft Azure.
Step 1 – Start
Name
The import requires a Name; you cannot proceed to the Configuration step without it.
Import type
The Import type is set to Microsoft Active Directory by default, if it is available. Currently, only on-premises solutions support user import from Microsoft Active Directory.
Schedule
It is also required that you select a Schedule for the import. You can choose between these schedules:
Step 2 – Configuration
Microsoft Active Directory
Path
The Path field is required in order to add a new import, and should contain a complete LDAP path name, i.e. a URL (Uniform Resource Locator). The format of a complete LDAP path name is LDAP://server/distinguished-name, where the server is the one the LDAP connection is set up towards. You can specify the server by hostname, NetBIOS name, or IP address. If you do not enter a server name, the path will refer to the local PC.
Distinguished name
The Distinguished Name (DN) is a special LDAP name, which refers to either a single object or a whole container. In Pureservice, three different keywords can be used to specify an object:
- CN: Common Name
- OU: Organizational Unit Name
- DC: Domain Component
Example: if you would like to specify the user object “John Doe” under the OU “Sales” in the domain “syscomworld.com”, the complete LDAP pathname is: LDAP://CN=John Doe,OU=Sales,DC=syscomworld,DC=com.
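The path format described above can be checked before it is entered in the wizard. The following is an added example, not Pureservice code: it splits a path into server and DN components and accepts only the three keywords listed above. The function names and the host name dc01.example.test are assumptions made for illustration.

```python
ALLOWED_KEYS = {"CN", "OU", "DC"}  # the three keywords listed above

def split_rdns(dn):
    """Split a DN on commas, leaving backslash-escaped commas inside values."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf += dn[i:i + 2]      # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append(buf.strip())
            buf = ""
        else:
            buf += dn[i]
        i += 1
    parts.append(buf.strip())
    return parts

def parse_ldap_path(path):
    """Return (server, rdns); server is None when the path omits it."""
    path = path.strip()
    if not path.startswith("LDAP://"):
        raise ValueError("path must start with LDAP://")
    rest = path[len("LDAP://"):]
    server = None
    head, slash, tail = rest.partition("/")
    if slash and "=" not in head:   # text before the first '/' is a server
        if not head:
            raise ValueError("empty server name")
        server, rest = head, tail
    rdns = []
    for part in split_rdns(rest):
        key, eq, value = part.partition("=")
        key, value = key.strip().upper(), value.strip()
        if not eq or key not in ALLOWED_KEYS or not value:
            raise ValueError(f"bad DN component: {part!r}")
        rdns.append((key, value))
    return server, rdns

def domain_of(rdns):
    """Join the DC components into a DNS-style domain name."""
    return ".".join(v for k, v in rdns if k == "DC")

if __name__ == "__main__":
    # First path is the page's example; the second uses a constructed host name.
    for p in ("LDAP://CN=John Doe,OU=Sales,DC=syscomworld,DC=com",
              "LDAP://dc01.example.test/OU=Sales,DC=syscomworld,DC=com"):
        server, rdns = parse_ldap_path(p)
        print(server or "(local PC)", rdns[0], domain_of(rdns))
```

A path with no server part returns None for the server, which corresponds to the local-PC case described under Path.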
Filter
Filter is an optional field, used to narrow down the records returned from the complete LDAP path. See this Microsoft article for further information on how to create a filter.
Authentication
You can choose between these authentication methods for imports:
Anonymous means that the LDAP service does not know or care about who is requesting the import – the service will allow access to any data. Default authenticates with the credentials of the user account running Pureservice, while Custom authenticates with a custom username and password.
Microsoft Azure
Azure setup
Prior to the setup, an application must be created in the Azure portal. This is done by navigating to App registrations, and then selecting New registration. You can then give the Azure application a name, and select whether your organization is single-tenant or multi-tenant. The optional redirect URI is not needed for this import.
The application will require the following application API permissions:
- Group.Read.All
- GroupMember.Read.All
- User.Read.All
Once this has been created, we can start the setup in Pureservice.
Pureservice setup
These fields require information to be filled in from the Azure app previously mentioned. The Application ID and the Tenant ID can be found in the Overview of the app. Copy the information from the Azure app to the specified fields.
Groups is an optional parameter that lets you specify who you want to import. Only members of the listed groups will be imported, and you can list any number of existing groups, separated by commas. After the import is created, you can select the role that users imported through this import should get. It could be wise to keep this in mind when specifying groups. This can always be changed later.
Username attribute is the attribute from Azure AD that will be set as the username for each Pureservice user. This is especially important for login and your Single Sign-On solution. If the user import is used in conjunction with OAuth 2 Azure authentication, UPN is the recommended attribute.
Client Secret is generated in the Azure app, under Certificates & secrets. Once a new secret has been generated, copy the value into the specified field.
Step 3 – Finish
You can view all of the chosen settings for the new import in the summary before finishing the wizard. New imports are disabled by default, but can easily be enabled by unchecking the “Disabled” box. If you wish to enable the import at a later time, you can do so in the imports list, or by editing the import after creation.