Skip to main content

Bulk add Active Directory group members as Device42 users

Administrators can bulk import Microsoft Active Directory (AD) or LDAP group members as users in Device42, and can assign permissions in bulk using local Device42 groups as described below.

All Device42 users are considered to be "administrators". There are no end users of Device42. The only "end users" that are defined in Device42 are users (or owners) of assets inventoried in Device42.

Add AD/LDAP Settings

To begin, first configure your Active Directory Domain or LDAP settings.

Go to Tools > Settings > Active Directory Settings and click the Create button.

AD/LDAP list pageAD/LDAP list page

Fill out the settings accordingly for your AD or LDAP server. See the Active Directory and OpenLDAP Support page for more details.

Add AD/LDAP settingsAdd AD/LDAP settings

Add a User or Group Member List via AD

After you have created Active Directory Settings in Device42, you can use the distinguishedName (DN) for the group (and a valid login) to get the list of all the members in that group.

Navigate to Tools > Admins & Permissions > Administrators. From this screen, click the Create Active Directory Admin button.

Currently, the sync only works for members in the AD group itself. Group members that require recursive traversal of subgroups are not synced.

Add AD/LDAP settingsAdd AD/LDAP settings

You can save group DN properties - it makes it easier to add new users to that AD group. Just choose the saved DN group as described below and add new users.

Choose Members and Groups (for Permission)

Choose members and groups(for permission)

The Users listed are AD users that were displayed as a result of the choices on the prior screen. Note the Groups are not AD groups - they are Device42 Groups.

  1. In the Users box, select the users that you want to add as Device42 administrators and move them to the right side of the Users dialog.

  2. Next, in the Groups box, select one or more Device42 groups for these users and move them to the right dialog box.

  3. Click the Add above users button. The selected users will become Device42 administrators and receive the permissions of the selected groups.

Example - Finding your Group DN in Active Directory

The following example demonstrates finding a group in Active Directory. The group DN is:

cn=D42ReadOnly,cn=Users,dc=device42,dc=pvt

In this example, the group name D42ReadOnly is in the container named "Users".

An example - how to get Group DN in Active Directory

Under the group properties with advanced features enabled in Active Directory Users and Computers, go to the attribute editor and copy the distinguishedName as shown in the image above.