Configure AD Connector in Service Manager 2012


When configuring an Active Directory connector in SCSM…

… you can configure it to:

  • Import All Computers, printers and user groups
  • Select individual computers, printers, users or user groups
  • Provide LDAP query filters for computers, printers, users or user groups

The user field is important as it will populate values when registering a new Work Item in the SCSM Console.
If you don’t want disabled and service accounts imported, you can specify an LDAP query to filter those out.

This query might help you filtering these accounts out:

  • All Computers:
    • (objectCategory=computer)
  • All Printers:
    • (objectCategory=printQueue)
  • Users that are enabled and do not start with “sa_” or “service_” (–> this query for users can vary dependend on the users you don’t want in Service Manager) and all user groups
    • (|(&(ObjectCategory=User)(!samaccountname=service_*)(!samaccountname=sa_*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))(objectCategory=group))


Now only enabled users and no service accounts will be imported in SCSM.

Cheers,
Matthias

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s