Important
This repository contains the connector and configuration code only. The implementer is responsible to acquire the connection details such as username, password, certificate, etc. You might even need to sign a contract or agreement with the supplier before implementing this connector. Please contact the client's application manager to coordinate the connector requirements.
HelloID-Conn-Prov-Target-SSRPM-AutoEnroll is a target connector.
It allows for the automated enrollment of Active Directory users in ssrpm.
Please note this connector requires the SSRPM profile options to see "Storage of User Answers" to "Clear Text". Therefore it may not be applicable to most SSRPM implementations, as this is not a recommended configuration in SSRPM.
SSRPM-AutoEnroll communicates directly with the SSRPM databae. For this connector you need to execute create-storedProcedures.sql on your SSRPM Database.
The following lifecycle actions are available:
| Action | Description |
|---|---|
| create.ps1 | Enrolls an Active Directory user into SSRPM |
| delete.ps1 | Removes an user from the enrolled users |
| update.ps1 | Updates properties of an enrolled user |
The correlation configuration is used to specify which properties will be used to match an existing account within SSRPM-AutoEnroll to a person in HelloID.
Correlation is based on the sAMAccountName. It requires the MicrosoftActiveDirectory connector to the user domain to be set to use account info
To properly setup the correlation:
-
Open the
Correlationtab. -
Specify the following configuration:
Setting Value Enable correlation TruePerson correlation field `Accounts.MicrosoftActiveDirectory.sAMAccountName Account correlation field SAMAccountName
Tip
For more information on correlation, please refer to our correlation documentation pages.
The field mapping can be imported by using the fieldMapping.json file.
The following settings are required to connect to the API.
| Setting | Description | Mandatory |
|---|---|---|
| ConnectionString | The complete sql connection string to connect to the database | Yes |
- HelloID Provisioning agent (cloud or on-prem).
- Stored procedures in you Database
- Connection variables (server, database optional login)
- HelloID service-account has read/write permissions on SSRPM-DB
- For this connector you need to execute create-storedProcedures.sql on your SSRPM Database. Make sure to modify the name of the database in this script to the name of your database.
- The ProfileID in the field configuration must be (one-time) manually looked up in the SSRPM database
- Note that the ProfileId specified here overrules the ProfileId configured for the user/group in ssrpm
Tip
For more information on how to configure a HelloID PowerShell connector, please refer to our documentation pages.
Tip
If you need help, feel free to ask questions on our forum.
The official HelloID documentation can be found at: https://docs.helloid.com/