The batch file y-ldapsync.bat can be used to synchronize the ARIS Administration with LDAP. Enter the tool name followed by /? or -? to see the usage instructions, for example y-ldapsync.bat -?.
You must redirect the ports in case of a Linux operating system.
Procedure
Open a command prompt (Start > Run > cmd).
Enter y-ldapsync.bat -s <http://host_url:<port number other than default port 80 or 1080>> -t <tenant name> <command> -u <user name> -p <password>
Users are synchronized or imported from an LDAP system.
General usage
Options |
Description |
---|---|
-?, -h, --help |
Show help |
-u |
User name of the relevant user. |
-p |
Password of the relevant user. |
-f |
LDAP search filter |
-s, --server |
URL of the server, for example, http://my_host_url:<port number other than default port 80 or 1080> |
-t, --tenant |
Tenant name Default: default |
Commands |
Description |
---|---|
importUsers |
Imports users from an LDAP system, the spelling is case sensitive. * -f, --filter Search filter for LDAP as defined in RFC 2254, for example, '(cn=*)'. The filter will be combined with the configured import filters. -p, --password Password of the executor Default: superuser -u, --user User name of the executor Default: superuser |
importGroups |
Imports a hierarchy from an LDAP system, the spelling is case sensitive. * -f, --filter Search filter for LDAP as defined in RFC 2254, for example, '(cn=*)'. The filter will be combined with the configured import filters. -p, --password Password of the executor Default: superuser -u, --user User name of the executor Default: superuser |
removeUserAttribute |
Deletes an attribute of a user in the ARIS Administration. -au,--affectedUser User name of affected user -aa,-affectedAttribute Attribute of affected user |
syncUser |
Synchronizes a specific existing user with an LDAP system, the spelling is case sensitive. |
syncUsers |
Synchronizes existing users with an LDAP system, the spelling is case sensitive. * -au, --affectedUser User name of affected user -p, --password Password of the executor Default: superuser -u, --user User name of the executor Default: superuser |
syncGroup |
Synchronizes a specific existing group with an LDAP system, the spelling is case sensitive. * -ag, --affectedGroup Name of the affected user group -p, --password Password of the executor Default: superuser -u, --user User name of the executor Default: superuser |
syncGroups |
Synchronizes existing groups with an LDAP system, the spelling is case sensitive. -p, --password Password of the executor Default: superuser -u, --user User name of the executor Default: superuser |
Example 1
y-ldapsync.bat -s http://my_aris_host.com -t default importUsers -u system -p manager -f (cn=userID)
[CLI] Setting verbosity level... [VALUE: 0=OFF]
[CLI] Importing users... [TENANT: 30ff3081-aa9e-33e7-a7d7-5f9d00ae89ee, FILTER: (cn=userID)]
[CLI] Users successfully imported. [TENANT: 30ff3081-aa9e-33e7-a7d7-5f9d00ae89ee, COUNT: 1]
[CLI] CN=myuser,OU=Users,DC=mydomain
Example 2
Import all users from an LDAP system.
y-ldapsync.bat -s http://my_aris_host.com:81 -t default importUsers -u system -p manager -f (cn=*)