TIBCO Scribe® Online Connector For Microsoft Active Directory

The TIBCO Scribe® Online Connector for Microsoft Active Directoryis based on the CData driver for Microsoft Active Directory. This Connector provides read and write access to Active Directory. Synchronize information from a directory with leads and contacts in your CRM, or use the Connector to reset a user’s password. The Connector supports dozens of Active Directory objects including Group, Organization, Person, Server and User, as well as special operations like Change Password and Reset Password.

Use the Microsoft Active Directory Connector as a source or target Connection for Integration Solutions. This Connector is based on Scribe.Connector.AdoNet library and CData Active Directory ADO.NET provider.

Possible use cases for the Microsoft Active Directory Connector include:

Connector Specifications

  Supported

Agent Types

On Premise X
Cloud X

Replication Services

Source  
Target  

Integration Services

Source X
Target X

Migration Services

Source  
Target  

Maps

Integration X
Request-Reply X
Message  

This Connector is available from the TIBCO Scribe® Online Marketplace. See Marketplace TIBCO Scribe® Certified Connectors for more information.

Supported Entities

The Microsoft Active Directory Connector supports the following entities. Click a linked entity name for additional information when using that entity in TIBCO Scribe® Online. For a list of additional operations by entity see Special Operations.

Standard Operations

Entity Query Create Update Delete Upsert

Account

X

X

X

X

 

ApplicationEntity

X

X

X

X

 

ApplicationProcess

X

X

X

X

 

ApplicationSettings

X

X

X

X

 

ApplicationSiteSettings

X

X

X

X

 

ApplicationVersion

X

X

X

X

 

BuiltinDomain

X

X

X

X

 

CertificationAuthority

X

X

X

X

 

Computer

X

X

X

X

 

Contact

X

X

X

X

 

CRLDistributionPoint

X

X

X

X

 

DHCPClass

X

X

X

X

 

DnsNode

X

X

X

X

 

DnsZone

X

X

X

X

 

Domain

X

X

X

X

 

DomainDNS

X

X

X

X

 

DomainPolicy

X

X

X

X

 

DomainRelatedObject

X

X

X

X

 

ForeignSecurityPrincipal

X

X

X

X

 

Group

X

X

X

X

 

GroupOfNames

X

X

X

X

 

GroupOfUniqueNames

X

X

X

X

 

GroupPolicyContainer

X

X

X

X

 

IpHost

X

X

X

X

 

IpNetwork

X

X

X

X

 

Organization

X

X

X

X

 

OrganizationalPerson

X

X

X

X

 

OrganizationalRole

X

X

X

X

 

OrganizationalUnit

X

X

X

X

 

Person

X

X

X

X

 

PosixAccount

X

X

X

X

 

PosixGroup

X

X

X

X

 

PrintQueue

X

X

X

X

 

SecurityObject

X

X

X

X

 

SecurityPrincipal

X

X

X

X

 

Server

X

X

X

X

 

Site

X

X

X

X

 

Top

X

X

X

X

 

TrustedDomain

X

X

X

X

 

User

X

X

X

X

 

Special Operations

These special operations are executed using the Native Query Block. See Native Query.

Entity Operations

User

-ChangePassword

-ResetPassword

Setup Considerations

Selecting An Agent Type For Microsoft Active Directory

Refer to TIBCO Scribe® Online Agents for information on available Agent types and how to select the best Agent for your Solution.

Connecting To Microsoft Active Directory

Note: Best practice is to create Connections with credentials that limit permissions in the target system, following the principle of least privilege. Using Administrator level credentials in a Connection provides Administrator level access to the target system for TIBCO Scribe® Online users. Depending on the entities supported, a TIBCO Scribe® Online user could alter user accounts in the target system.

  1. Select More > Connections from the menu.
  2. From the Connections page select Add to open the Add a New Connection dialog.
  3. Select the Connector from the drop-down list in the Connection Type field, and then enter the following information for this Connection:
    • Name — This can be any meaningful name, up to 25 characters.
    • Alias — An alias for this Connection name. The alias is generated from the Connection name, and can be up to 25 characters. The Connection alias can include letters, numbers, and underscores. Spaces and special characters are not accepted. You can change the alias. For more information, see Connection Alias.
    • BaseDN — Base portion of the distinguished name. Limits results to specific subtrees. For example, if the value for the root folder for the domain is SomeDomain.Local, then the BaseDN is: dc=SomeDomain,dc=Local
    • Server — IP address or DNS name of the domain controller.
    • Port — Optional field that sets the Domain Controller port number, which must be in the 1023 to 65535 range. Default value is 389.
    • User — Distinguished name of a user. Example: SomeUserName\SomeDomain or someusername@SomeDomain.Local
    • Password — Password for the distinguished name of the specified user.
    • Additional Parameters — Optional field where you can specify one or more connection string parameters. See the Connection String Options section of the CData documentation for a list of parameters that can be used and their default values. Note that in some cases the CData Active Directory ADO.NET provider does not fully support all of the possible parameters.

      Syntax for the Additional Parameters field is as follows:

      • All blank characters, except those within a value or within quotation marks, are ignored
      • Preceding and trailing spaces are ignored unless enclosed in single or double quotes, such as Keyword=" value"
      • Semicolons (;) within a value must be delimited by quotation marks
      • Use a single quote (') if the value begins with a double quote (")
      • Use a double quote (") if the value begins with a single quote (')
      • Parameters are case-insensitive
      • If a KEYWORD=VALUE pair occurs more than once in the connection string, the value associated with the last occurrence is used
      • If a keyword contains an equal sign (=), it must be preceded by an additional equal sign to indicate that the equal sign is part of the keyword
      • Parameters that are handled by other fields or default settings in the Connection dialog are ignored if used in the Additional Parameters field, including: 
        • BaseDN
        • Server
        • Port
        • User
        • Password
        • Logfile — This parameter is not visible in the Connection dialog, but is set by the Connector. The default size is a maximum of 10MB. Any CData log files generated by this setting are stored in the default TIBCO Scribe® Online Agent Logs directory, C:\Program Files (x86)\Scribe Software\TIBCO Scribe® Online Agent\logs\. The format for log file names for CData logs are as follows: <ConnectorName><GUID of the Connection><DateTimeStamp>.log

          Note: For information on setting log file verbosity, see Verbosity in the CData Help.

        • MaxLogFileSize — This parameter is set by the Connector to a maximum of 10MB.
        • Other
        • RTK
        • Support Enhanced SQL
  4. Select Test to ensure that the Agent can connect to your database. Be sure to test the Connection against all Agents that use this Connection. See Testing Connections.
  5. Select OK to save the Connection.

Metadata Notes

All entity properties are returned as strings.

Naming

Connection metadata must have unique entity, relationship, and field names. If your Connection metadata has duplicate names, review the source system to determine if the duplicates can be renamed.

Microsoft Active Directory Connector As IS Source

Consider the following when using the Microsoft Active Directory Connector as an Integration Solution source.

Query

Native Query

The Microsoft Active Directory Connector supports SQL queries in Native Query Blocks to create customized queries for Microsoft Active Directory. The query can be as simple or complex as you need it to be; however, it should return a single result set. The native query text is sent to Microsoft Active Directory exactly as it is entered without any modifications.

You can use SELECT , UPDATE , INSERT and DELETE clauses. If support for Enhanced SQL is enabled, you can use Joins and Aggregate functions. For additional details, see the SQL Compliance and Support Enhanced SQL sections of the CData documentation .

After entering the SQL query, you must select Test to validate the query. Invalid queries are not accepted by the Connector. See Native Query Block and Creating Native Queries For Microsoft SQL Server for additional information.

When testing a Native Query in a Map, if the source datastore does not return any data, TIBCO Scribe® Online cannot build the schema for the underlying metadata and the Map cannot be saved. To allow TIBCO Scribe® Online to build the schema, do the following:

  1. Create a single temporary record in the source datastore that matches the Native Query.
  2. Test the Native Query and ensure that it is successful.
  3. Save the Map.
  4. Remove the temporary record from the source datastore.

Filtering

Filtering support varies by entity. For additional details, see the Data Model section of the CData documentation.

TIBCO Scribe® Online API Considerations

To create connections with the TIBCO Scribe® Online API, the Microsoft Active Directory Connector requires the following information:

Connector Name

Microsoft Active Directory

Connector ID

4299EE13-1BF3-4454-8B0A-B05106CF877C

TIBCO Scribe® Online Connection Properties

In addition, this Connector uses the Connection properties shown in the following table.

Note: Connection property names are case-sensitive.

Name Data Type Required Secured Usage

BaseDN

String

Yes

No

 

Server

String

Yes

No

 

Port

String

No

No

 

User

String

Yes

No

 

Password

String

Yes

Yes

 

ConnectionString

String

No

No

 

License Agreement

The TIBCO Scribe® Online End User License Agreement for the Microsoft Active Directory Connector describes TIBCO and your legal obligations and requirements. TIBCO suggests that you read the End User License Agreement.

More Information

For additional information on this Connector, refer to the Knowledge Base and Discussions in the TIBCO Community.