Description

In some cases, it may not be possible for you to allow your Atlassian product to directly access Microsoft Active Directory (AD) for user information. In such cases, you may still want to extract data from AD for use with your Atlassian products. Some example uses may be:

1. Create a database of user information to feed data to Confluence using SQL for Confluence.
2. Synchronize user information with Atlassian products by writing a script that utilizes Appfire Command Line Interface (CLI)'s user actions.

Links

• CSVDE - extract AD data to CSV
• Apache Directory Studio - LDAP browser useful for browsing your AD data especially form non-Windows systems
• PostgreSQL COPY - load data from CSV 

Steps

1. Check to see if CSVDE is already available on your Windows server. If not, then install it.
2. Figure out your query parameters:
   • AD server with valid user and password - verify with LDAP browser or similar
   • Base DN.
   • LDAP filter - subset the set of entries to be extracted to match what you want.
   • LDAP attributes - subset the data returned to only these attributes.

3. Run the command to create the CSV file:

   csvde -s <ad-host> -a <ad-user> <ad-password> -f <csv-outfile> -d <baseDN> -r "<ldap-filter>" -l "<ldap-attributes>"

4. Process the CSV file using a script or other methods:
   • Write a script to read the CSV file. If you are using Groovy, GINT has a Helper class that has CSV helper functions like csvDataAsListOfRows.
     • Use the ACLI user functions appropriate for your Atlassian product like addUser.
   • Use the ACLI runFromCsv action if appropriate together with addUser and similar user actions.
   • Load the data into a database - many databases like Postgres have CSV load capabilities.
     • This may make it easier to merge with non-AD data.
     • You can also drive ACLI based integration scripts directly or via runFromSql.