Connecting to Microsoft Active Directory
The Sisense Microsoft Active Directory connector is a standalone connector that allows you to import data from Microsoft Active Directory’s API into the ElastiCube Manager. After you have downloaded and installed the connector, you can connect through a connection string you provide Sisense in the ElastiCube Manager. The connection string is used to authenticate users who connect to the Microsoft Active Directory tables.
Once you have connected to Microsoft Active Directory, you can import a variety of tables from the Microsoft Active Directory API.
This page describes how to install the Microsoft Active Directory connector, how to connect to Microsoft Active Directory with a connection string, and what tables you can import into the ElastiCube Manager:
- Installing the Microsoft Active Directory Connector
- Connecting to the Microsoft Active Directory
- Microsoft Active Directory Tables
Sisense provides the Microsoft Active Directory connector as a standalone connector that you can download and add to your list of default Sisense connectors.
To install the Microsoft Active Directory connector:
- Download the Microsoft Active Directory installation file.
- Open the installation file and click Install.
- After the installation process is complete, click Close.
The Microsoft Active Directory connector is displayed in the ElastiCube Manager under Add Data > Web Services.
Sisense uses connection strings to connect to Microsoft Active Directory and import data into the ElastiCube Manager.
The connection string to connect to Microsoft Active Directory has the following structure:
The following is an example of a Microsoft Active Directory connection string:
To establish a connection, the following properties under the Authentication section must be provided:
- Valid User and Password credentials (e.g., Domain\\BobF or cn=Bob F,ou=Employees,dc=Domain).
- Server information, including the IP or host name of the Server and the Port.
- BaseDN will limit the scope of LDAP searches to the height of the distinguished name provided.
Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.
- If you define your own custom schemas to work with your ActiveDirectory object classes, set Location to the path to the folder containing the schema files.
Note: To switch between accounts, you need to delete the file OAuthsettings.txt file located at …\Users\xxx\AppData\Roaming\CData\Microsoft Active Directory Data Provider.
To add Microsoft Active Directory data:
- In ElastiCube Manager, click Add Data and then, Microsoft Active Directory. The Connect to Microsoft Active Directory window is displayed.
- In Datasource Connection String, enter your connection string.
- Click Connect to Server. Microsoft Active Directory is displayed in the Select Database list.
- Click OK. Sisense connects to Microsoft Active Directory and displays a list of tables available for you to import.
- Select the relevant tables and click Add.
The tables are displayed in the ElastiCube Manager.
Switching between Accounts
When you connect to the Microsoft Active Directory data source, Sisense saves your OAuth values in the file OAuthsettings.txt file located at …\Users\xxx\AppData\Roaming\CData\Microsoft Active Directory Data Provider on your Sisense server. To connect to the Microsoft Active Directory data source with another user on the same machine, you must delete the OAuthsettings.txt file. Sisense will then generate a new file for that user.
Another option to support multiple users is to define the location and file name of an OAuthsettings file for each unique user in your connection string through the OAuthSettingsLocationparameter. When each user connects to the data source, Sisense generates the OAuth file with the file name you specify in the location you define. In the examples below, two users are allowed to access the Microsoft Active Directory data source and for each user, Sisense generates a file that contains that user’s OAuth values in the location defined in the string.
In the example above, to OAuth files are created, one for John and one for Sally in the location C:\Microsoft Active Directory\auth\.
This is useful if you support many users who each need to access the Microsoft Active Directory data source.
Microsoft Active Directory’s RESTful APIs expose the following Microsoft Active Directory tables that you can import into the ElastiCube Manager through the Sisense Microsoft Active Directory connector:
|Account||The account object class is used to define entries that represent computer accounts.|
|ApplicationEntity||X.500 base class for applications: Directory Service only uses subclass MSFT-DSA.|
|ApplicationProcess||X.500 base class for applications: Exchange only uses subclass DSA-Application.|
|ApplicationSettings||Base class for server-specific application settings.|
|ApplicationSiteSettings||Contains all site-specific settings.|
|ApplicationVersion||Can be used by application developers to store version information about their application or its schema.|
|BuiltinDomain||The container that holds the default groups for a domain.|
|CertificationAuthority||Represents a process that issues public key certificates, for example, a Certificate Server.|
|Computer||This class represents a computer account in the domain.|
|Contact||This class contains information about a person or company that you may need to contact on a regular basis.|
|Events||Query the Events for a Target based on either the Target or SearchTerms. May require the user_events permission.|
|CRLDistributionPoint||The object holding Certificate, Authority, and Delta Revocation lists.|
|DHCPClass||Represents a DHCP Server (or set of servers).|
|DnsNode||Holds the DNS resource records for a single host.|
|DnsZone||The container for DNS Nodes. Holds zone metadata.|
|Domain||Contains information about a domain.|
|DomainDNS||Windows NT domain with DNS-based (DC=) naming.|
|DomainPolicy||Defines the local security authority policy for one or more domains.|
|DomainRelatedObject||The domainRelatedObject object class is used to define an entry that represents a series of documents.|
|ForeignSecurityPrincipal||The Security Principal from an external source.|
|Group||Stores a list of user names. Used to apply security principals on resources.|
|GroupOfNames||Used to define entries that represent an unordered set of names that represent individual objects or other groups of names.|
|GroupOfUniqueNames||Defines the entries for a group of unique names. In general, used to store account objects.|
|GroupPolicyContainer||This represents the Group Policy Object. It is used to define group polices.|
|IpHost||Represents an abstraction of a host or other IP device.|
|IpNetwork||Represents an abstraction of a network. The distinguished name value of the Common-Name attribute denotes the canonical name of the network.|
|Organization||Stores information about a company or organization.|
|OrganizationalPerson||This class is used for objects that contain organizational information about a user, such as the employee number, department, manager, title, office address, and so on.|
|OrganizationalRole||This class is used for objects that contain information that pertains to a position or role within an organization, such as a system administrator, manager, and so on. It can also be used for a nonhuman identity in an organization.|
|OrganizationalUnit||A container for storing users, computers, and other account objects.|
|Person||Contains personal information about a user.|
|PosixAccount||Represents an abstraction of an account with Portable Operating System Interface (POSIX) attributes.|
|PosixGroup||Represents an abstraction of a group of accounts.|
|PrintQueue||Contains information about a print queue.|
|SecurityObject||This is an auxiliary class that is used to identify security principals.|
|SecurityPrincipal||Contains the security information for an object.|
|Server||This class represents a server computer in a site.|
|Site||A container for storing server objects. Represents a physical location that contains computers. Used to manage replication.|
|Top||The top level class from which all classes are derived.|
|TrustedDomain||An object that represents a domain trusted by (or trusting) the local domain.|
|User||This class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long term visitors.|
- Accumulated builds are supported because all tables have string columns.
- Aggregate functions are not supported