Auto-enrolling users by importing data from external databases

Using this option, you can connect databases such as Oracle, MS SQL, MySQL, and PostgreSQL with ADSelfService Plus, and import the enrollment data stored in them. This option comes in handy if you already have all the necessary enrollment data stored in an external database. Before importing the enrollment data, make sure to configure the settings for the respective authenticators in the self-service policies. To learn more on how to set up the authenticators supported by ADSelfService Plus, click here.

Import data formats

The data imported should follow the specified formats for each authenticator as mentioned in the table below.

Column name can be any name that you set for your database specified via the SQL.

Column names	Allowed formats
question	It must be a security question. Eg., What is your favourite colour?
answer	It must be the corresponding answer to the security question. Eg., Yellow.
mobile	It must contain numbers 0 through 9.
mail	It must be a valid email address
sAMAccountName	It must be a valid user in AD.
googleauthsecretkey	It must contain letters "A-Z" or "a-z" and numbers "2-7".
microsoftauthsecretkey	It must contain letters "A-Z" or "a-z" and numbers "0-9".
zohooneauthsecretkey	It must contain letters "A-Z" or "a-z" and numbers "0-9".
customtotpsecretkey	It must contain letters "A-Z" or "a-z" and numbers "0-9".
customtotphardwareserialnumber	It must contain letters "A-Z" or "a-z" and numbers "0-9".

Steps for establishing a connection with the external database

1. Log in to the ADSelfService Plus web console as an admin.
2. Navigate to  Configuration → Administrative Tools → Quick Enrollment → Import Enrollment Data from External Database.
3. Click Add New Data Source.
4. Enter a Connection Name for the data source.
5. Select the type of database that you want to connect to from the Select DB Server drop-down.
6. Enter the Host Name/IP Address and Port number of the database server.
7. Enter the name of the database that stores your enrollment data in the DB Name field.
8. In the Username and Password fields, enter the credentials of a user who has privileges to query the database server.
9. Click Create.

   

Steps for fetching data from the connected database (or) Steps for importing data from the connected database

1. Back on the Import Enrollment Data from External Database screen, click Add New Fetcher.
2. Enter a name in the Fetcher Name field.
3. Select the connection that you just created from the Select the Connection drop-down.
4. Select a policy from the Select Policy drop-down.
5. Select the enrollment data that you want to import from the Import drop-down.
6. In the SQL Query field, type the appropriate query to fetch the necessary data from the database table. For example, if you have configured Security Question & Answer and Hardware Token and wish to import the data for these authenticators, the following is the sample query that needs to be entered.

   Sample query: 

   Select UserName, Question, Answer, CustomTOTPSecretKey, CustomTOTPHardwareSerialNumber from TableName; 

   Important note: The query with the values to be fetched entered should follow the order in which the authenticators for which the data needs to be imported are checked/selected.
7. Click Save.

   

Methods to import user enrollment data

• Manually : If there are new users added to the database, then simply click the Fetch Again icon to enroll the newly added users.
• Automatically : You can also set up a scheduler to update the enrollment data of new users at regular intervals automatically.