The ADManager Plus-SeviceDesk Plus integration allows administrators to perform Active Directory management operations directly from the ServiceDesk Plus console. Using the ServiceDesk Plus console, administrators or help desk technicians can perform the following tasks:
- Create, delete, enable or disable AD users.
- Add or remove users from groups.
- Modify the department or manager attribute of users.
- Set or remove folder permissions.
- Reset passwords of users.
- Unlock AD user accounts.
Prerequisites for integrating ADManager Plus with ServiceDesk Plus:
Ensure that the following conditions are fulfilled before integrating ADManager Plus with ServiceDesk Plus:
- Ensure that the ADManager Plus and ServiceDesk Plus servers are up and running.
- Ensure that the domain configured in ADManager Plus is also configured in ServiceDesk Plus. For this:
- Logon to ServiceDesk Plus using administrator credentials.
- Navigate to the Admin tab and search for Windows Domain Scan.
- Click on Add new domain.
- Enter the domain name, domain controller name, and the credentials with which the ServiceDesk Plus technician should log on to the domain controller.
- Click on Save and Scan, select the OU tree of the domain and let the scan begin.
Steps to integrate ADManager Plus with ServiceDesk Plus:
Step 1: Enable tight integration between ADManager Plus and ServiceDesk Plus
In the ServiceDesk Plus console:
- Login to ServiceDesk Plus using administrator credentials.
- Navigate to the Admin tab, scroll down to the Integrations section and click on ADManager Plus.
- Enter the name of the server where ADManager Plus is installed.
- Enter the port number for ADManager Plus (for eg: 8080).
- Select HTTPS or HTTP as configured in ADManager Plus.
- Click on Test connection and save.
In the ADManager Plus console:
- Login to ADManager Plus.
- Navigate to the Admin tab and click on the Integrations section. Click on the ServiceDesk Plus icon.
- Enter the name of the server where ServiceDesk Plus is installed.
- Enter the port number for ServiceDesk Plus.
- Select HTTPS or HTTP depending on whether you've enabled SSL for ServiceDesk Plus.
If HTTPS is configured in ServiceDesk Plus, then follow the steps given below:
- If the certificate configured in ServiceDesk Plus is a CER certificate, then apply the SSL certificate of ServiceDesk Plus in ADManager Plus.
- If the certificate to be configured is a PFX certificate:
- Install the PFX certificate:
- Right click on the PFX certificate and click on Install Certificate.
- Select the Target store as Trusted Root Certificate Authorities.
- Click on Install and complete the installation process.
- Export the certificate:
- Launch the Manage Computer Certificates program.
- Navigate to Trusted Root Certification Authorities and click on Certificates.
- Find the required certificates using the Issued To column which usually contains the domain name of the organization or *.domain name in case of Wildcard certificates.
- Right click on the required certificate, click on All Tasks, and click on Export.
- Select DER encode binary X.509 (.CER) as the file format in which you want to export the certificate file.
- Provide a suitable file name (say sdp-ssl-cert-1.cer) for the exported certificate, and click Finish.
Note: A PFX file might contain more than one certificate. Locate each of those files and perform the steps e,f,g on them.
- Import the certificate to ADManager Plus
- Copy all the exported certificate files of ServiceDesk Plus.
- Logon to the server on which ADManager Plus is installed.
- Navigate to the installationdirectory\ADManager Plus\jre\bin folder and paste all the copied files.
- Launch the command prompt from the same location.
- Execute the following command individually for all the certificate files:
keytool -import -trustcacerts -alias sdp_ssl_cert_1 -file sdp-ssl-cert-1.cer -keystore ..\lib\security\cacerts
- Enter the password as 'changeit'.
- Type 'yes' in order to trust the certificates.
- Select the Enable tight integration between ADManager Plus and ServiceDesk Plus option.
- Click on Test connection and save.
Step 2: Assign the help desk technician role to a user in ADManager Plus
Go to ADManager Plus and assign a user as a technician in the same domain. Provide all the required roles to that technician.
To create a technician and assign all the required AD roles in ADManager Plus,
- Go to the Delegation tab, click on Add new technician.
- Select the domain name, user account, OU and the roles that you want to assign.
- Select the Impersonate as admin option and click on Save.
Step 3: Create the same technician in ServiceDesk Plus
To create the same technician in ServiceDesk Plus,
- Navigate to the ServiceDesk Plus console and search for Technicians.
- Click on Add new technician, enter the details of that technician, and delegate a specific role to this technician.
- Click on Enable login for technician, enter the same login credentials as given in ADManager Plus, and click on Save.
- Login to ServiceDesk Plus using the credentials of the new technician. You must now be able to perform AD tasks right from the ServiceDesk Plus console.
Step 4: Assign required AD operations to the new technicians
In the ServiceDesk Plus console:
- Type ADManager Plus in the search bar, press enter and scroll down to all the AD operations that can be performed.
- In order to delegate any AD operation to a specific technician, click on each operation, and select the role assigned to that technician in the previous step.
Step 5: Perform AD tasks via ServiceDesk Plus
- Login to ServiceDesk Plus using the credentials of the technician who is allowed to execute AD operations.
- Click on the ticket for which the AD task has to be performed.
- Click on Custom Actions, select the desired AD operation, and execute it based on the details specified in the ticket.