# Active Directory Connector

## Overview

This page describes the process of setting up an Active Directory connector for actions or data source configurations.

## Prepare

Before configuring the Active Directory connector, gather the following information:

<table><thead><tr><th width="208.4000244140625">Field</th><th>Description</th></tr></thead><tbody><tr><td>Host</td><td>Enter the address of the system you are connecting to.<br><br>It may be in the form of a URL or an IP address.</td></tr><tr><td>Port</td><td><p>The port number of the server to which the connection should be established.</p><p>The default port number is 389 for an unsecured connection and 636 for a secure connection.</p></td></tr><tr><td>Base DN</td><td>Specifies the base DN for all searches. Only entries at or below this location in the server will be considered potential matches.</td></tr><tr><td>Connection Type</td><td>Enter WINRM_INTERNAL</td></tr><tr><td>Distinguished Name</td><td>Enter the User DN</td></tr><tr><td>Password</td><td>The password for the User DN entered in the field above.</td></tr></tbody></table>

## Integration Setup

To set up an Active Directory integration:

1. In the Aisera Admin UI navigate to **Settings > Integrations**

2. Click on **+ New Integration**

3. In the menu, select **Active Directory** and click **Next**<br>

   <div align="left"><figure><img src="https://3281977978-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvBFXjH9S1CAy9f5hzg5Q%2Fuploads%2FoYfZLlqfiFe6lXMkvPl2%2Fimage.png?alt=media&#x26;token=47f2f4a5-4aef-4630-90a1-05768ce45214" alt=""><figcaption></figcaption></figure></div>

4. Enter the Configuration details and click **Next**

   <table><thead><tr><th width="157.20001220703125">Field</th><th>Description</th></tr></thead><tbody><tr><td>Name</td><td>The name used to identify the integration</td></tr><tr><td>Public</td><td>This determines whether the integration will be used outside of the firewall. Disable this if you are going to use a <a href="../remote-executor">Remote Executor</a>.</td></tr><tr><td>Description</td><td>A description of the integration and its purpose</td></tr></tbody></table>

5. Enter the gathered Authentication details<br>

   <div align="left"><figure><img src="https://3281977978-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvBFXjH9S1CAy9f5hzg5Q%2Fuploads%2FPLH8PLkasyfmKknzrsOH%2Fimage.png?alt=media&#x26;token=a2ae778d-1562-4736-bfd3-25e7bca9d985" alt=""><figcaption></figcaption></figure></div>

6. Click OK to save the Integration

## Data Source Setup

To set up the Active Directory Data Source:

1. In the Aisera Admin UI navigate to **Settings > Data Sources**
2. Click **+ New Data Source** in the upper right corner
3. Select **Active Directory** and click **Next**<br>

   <div align="left"><figure><img src="https://3281977978-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvBFXjH9S1CAy9f5hzg5Q%2Fuploads%2FI7oNadiB5KXonoaS4Qd4%2Fimage.png?alt=media&#x26;token=eb519039-cf59-4542-9189-969c36164bf7" alt=""><figcaption></figcaption></figure></div>
4. Enter the General Details and click **Next**<br>

   | Field         | Description                                                                                             |
   | ------------- | ------------------------------------------------------------------------------------------------------- |
   | Name          | The name used to identify the data source                                                               |
   | Integration   | The integration with the necessary authentication information for data retrieval                        |
   | Functions     | Functions dictate how a data source behaves and what data is ingested into the Aisera platform.         |
   | Schedule      | This determines how often the Data Source will request new data.                                        |
   | Public Domain | If a data source is public, related Knowledge Base Articles will show as hints for questions to the bot. |
   | Description   | A description of the integration and its purpose                                                        |
5. All remaining options are optional. See the section below for more information. Click **Next** until the window closes to complete the creation of the **Data Source**

## Optional Configurations

### Remote Executor

Select this option if a Remote Executor is used. If so, refer to the section below on Data Source Setup through Remote Executor.

### Bypass Test Connection

Disable if you want to bypass the test connection.

### Transformation Script

This field is used to transform data as it is being ingested into the Aisera platform. The script is written in JavaScript.

## Post Setup Actions

### Data Source Setup through Remote Executor

The following article documents more about the [Aisera Remote Executor](https://docs.aisera.com/aisera-platform/adding-data-to-your-tenant/integrations-and-data-sources/remote-executor).

For an on-premises integration, Aisera can use the Remote Executor architecture. The Remote Executor acts on behalf of the Aisera platform, receiving commands to execute over HTTPS and returning data to the Aisera platform.

In this setup, PowerShell commands are used to interact with Active Directory. The Remote Executor must be installed and hosted within a Windows environment on your network.

#### Prerequisites

To use PowerShell you need to import an Active Directory Module that consolidates a group of cmdlets used to manage Active Directory. On the Active Directory Domain Controller, open a PowerShell with elevated privileges and run the following command.

```powershell
Import-Module ActiveDirectory
```

#### Remote Executor Flow

Next, you will create a [Workflow](https://docs.aisera.com/aisera-platform/ai-automation-optimize-flow/ai-workflow-studio) that will be used by the Connector to execute PowerShell commands to get Users or Groups.

#### **Data Source Configuration**

Update the data source configuration to enable the **Remote Executor**:

1. In the Aisera Admin UI, navigate to **Settings > Data Sources**
2. Select the desired Active Directory Data Source
3. On the **Data Source Details** page click the **Pencil** icon in the top right to begin editing the data source configurations
4. Click **Next** to navigate to **Step 2 of 3: Configurations**
5. Using the **Remote Executor** dropdown, select **Yes**
6. In the **AiseraGPT** field, select the Aisera Application that contains the workflow created previously
7. In the **Workflow** field, select the workflow created to execute PowerShell commands on the Active Directory Domain Controller<br>

   <div align="left"><figure><img src="https://3281977978-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FvBFXjH9S1CAy9f5hzg5Q%2Fuploads%2FmEFGhKBv896evjtRRMQA%2Fimage.png?alt=media&#x26;token=5a78500e-10c9-412e-864e-9507b31f6857" alt=""><figcaption><p>Updated Remote Executor Configurations</p></figcaption></figure></div>
8. Select **Next**, then **Ok** to save the changed configurations.

#### **Active Directory Actions**

Most of the actions require read-only permissions on User, Group and Computer objects. The built-in Domain Users group already has the bare minimum rights to read user, group and computer objects from the directory. A user that belongs to this group will have sufficient rights to execute the following actions:

* Check if User is Enabled
* Get all Groups for Active Directory
* Get Computers from Active Directory
* Get Expiring accounts
* Get Expiring passwords
* Get phone number
* Get User information
* Get User status
* List Owners of an AD group

The actions that need write permissions are the following:

* Modify Group for Active Directory
* Reset Password
* Set Phone number for Active Directory
* Update Account Expiration Date

To perform these actions a user or group must be granted the following permissions:

* Reset password
* R/W pwdLastSet
* R/W memberOf
* R/W Telephone Number
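
One way to grant exactly the write permissions listed above, scoped to specific OUs rather than the whole domain, is with `dsacls` (an added example, not part of the original page or Aisera's own tooling). The account name and OU paths are placeholders, and mapping the page's "R/W memberOf" to the group's `member` attribute, where Active Directory stores membership, is an assumption.

```powershell
# Added example: delegate only the listed write rights to a connector account.
# Run from an elevated PowerShell session on a host that has dsacls.exe
# and the ActiveDirectory module.
Import-Module ActiveDirectory

$Account = 'EXAMPLE\svc-connector'          # placeholder service account
$UserOU  = 'OU=Staff,DC=example,DC=com'     # placeholder OU holding managed users
$GroupOU = 'OU=Groups,DC=example,DC=com'    # placeholder OU holding managed groups

# dsacls permission strings: "<rights>;<extended right or attribute>;<object class>"
#   CA = control access (extended right), RP = read property, WP = write property
$Grants = @(
    @{ Target = $UserOU;  Ace = 'CA;Reset Password;user' }
    @{ Target = $UserOU;  Ace = 'RPWP;pwdLastSet;user' }
    @{ Target = $UserOU;  Ace = 'RPWP;telephoneNumber;user' }
    # Assumption: "R/W memberOf" is granted as write access to the group's
    # 'member' attribute; memberOf on the user is a computed back-link.
    @{ Target = $GroupOU; Ace = 'RPWP;member;group' }
)

foreach ($g in $Grants) {
    # /I:S applies the ACE to child objects of the OU, not to the OU itself
    & dsacls.exe $g.Target /I:S /G "$($Account):$($g.Ace)" | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "dsacls failed for '$($g.Ace)' on '$($g.Target)'"
    }
}

# Read the ACLs back and list every entry held by the account, so that
# anything broader than the grants above (for example GenericAll, WriteDacl
# or WriteOwner) stands out during review.
foreach ($ou in $UserOU, $GroupOU) {
    (Get-Acl -Path "AD:\$ou").Access |
        Where-Object { $_.IdentityReference.Value -eq $Account } |
        Select-Object @{ n = 'OU'; e = { $ou } },
                      ActiveDirectoryRights, ObjectType,
                      InheritedObjectType, InheritanceType
}
```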

