Administrators can use the ADSync Configuration to automatically synchronize Active Directory domain groups and OUs to roles within ImageQuest.  It can also be used to create system admin users as well.  The configuration is found in the Manage Warehouse section of the IQAdministrator application. 

 

NOTE:  The user that is logged into IQAdministrator MUST have the permissions to read the Active Directory Schema.

 

To create user mapping links, select Add Link from the Cabinet Links tab to bring up the Link Editor.

The Link Editor shows the Active Directory Objects and the IQ roles from both systems.  Select an Active Directory Group or Organization Unit to link to a role within ImageQuest.  In the example on the previous page the “ImageQuest” Active Directory Group is selected in the Active Directory Objects.  The IQ role “Indexers” will be linked to the “ImageQuest” Active Directory Group.  Click the Link button to create the link.

(NOTE:  One to many links can be created from a single AD Group to multiple IQ roles)

If “Enable email notifications if addresses are available” is checked, this will populate the user’s email address from Active Directory with the email address ImageQuest uses for notifications and configure the users to use SSO. 

Selecting “Remove users from IQ role if they no longer exist in the linked AD object” will remove users from the linked role in ImageQuest if they are removed from the group within Active Directory. It does not delete the user from ImageQuest.

(NOTE:  If you sync an ImageQuest role to an Active Directory group, you will not be able to add non ADSync users to that role when using the “Remove users from IQ role if they no longer exist in the linked AD object”  option.  They will be removed on the next sync.)

If you have previously used the separate ADSync utility from an older version of IQ, your configuration can be imported using the “Import Config” button.  After clicking “Import Config”, browse to the links.xml file in the old ADSync program folder and click the “Open” button.  All of the previous links will be imported into IQadministrator.

The Warehouse Links tab is similar to the Cabinet List tab however it only assigns the System Admin permission to users.   It also does not include the option to enable email notifications.

 

The Service Configuration tab allows you to specify in hour(s) the amount of time between synchronizations.  This time frame can be set to a decimal to sync faster than 1 hour if desired.

(For example:  0.25 hours equals every 15 minutes)

 

Once the Sync Interval has been set, use the Update Interval button to save the interval time.

The inline Edit and Delete icons may be used to edit the selected configuration or delete the selected row.