Objective: To integrate ADManager Plus with ServiceDesk Plus

Solution: The ADManager Plus-ServiceDesk Plus integration allows administrators to perform Active Directory management operations directly from the ServiceDesk Plus console. Using the ServiceDesk Plus console, administrators or help desk technicians can perform the following tasks:

• Provision and deprovision users.

• Enable and disable AD users.

• Add and remove users to and from groups.

• Modify the department and manager attributes of users.

• Set and remove folder permissions.

• Reset passwords of users.

• Unlock AD user accounts.

Prerequisites for integrating ADManager Plus with ServiceDesk Plus:  

Ensure that the following conditions are fulfilled before integrating ADManager Plus with ServiceDesk Plus:

1. Ensure that the ADManager Plus and ServiceDesk Plus servers are up and running.

2. Ensure that the domain configured in ADManager Plus is also configured in ServiceDesk Plus. For this:

1. Logon to ServiceDesk Plus using administrator credentials.

2. Navigate to the Admin tab and search for Windows Domain Scan.

3. Click Add new domain.

4. Enter the domain name, domain controller name, and the credentials with which the ServiceDesk Plus technician should log on to the domain controller.

5. Click Save.

Steps to integrate ADManager Plus with ServiceDesk Plus:  

• Step 1: Enable tight integration between ADManager Plus and ServiceDesk Plus  

In the ServiceDesk Plus console:

1. Login to ServiceDesk Plus using administrator credentials.

2. Navigate to the Admin tab, scroll down to the Integrations section and click ADManager Plus.

3. Enter the name of the server where ADManager Plus is installed.

4. Enter the port number for ADManager Plus (for eg: 8080).

5. Select HTTPS or HTTP as configured in ADManager Plus.

6. Click Test connection and save.

Note: If ADManager Plus is running in HTTPS mode, the SSL certificate of ADManager Plus must be imported in ServiceDesk Plus. Follow these steps to directly add the certificate in ServiceDesk Plus.

In the ADManager Plus console:

1. Login to ADManager Plus.

2. Navigate to the Admin tab and select the Integrations section. Click the ServiceDesk Plus icon.

3. Enter the name of the server where ServiceDesk Plus is installed.

4. Enter the port number for ServiceDesk Plus.

5. Enter the integration key generated in the ServiceDesk Plus portal. Click here to learn how to generate the integration key.

6. Select HTTPS or HTTP depending on whether you've enabled SSL for ServiceDesk Plus.

If HTTPS is configured in ServiceDesk Plus, then follow the steps given below:

• If the certificate configured in ServiceDesk Plus is a CER certificate, then apply the SSL certificate of ServiceDesk Plus in ADManager Plus.

• If the certificate to be configured is a PFX certificate:

1. Install the PFX certificate:

1. Right click on the PFX certificate and click Install Certificate.

2. Select the Target store as Trusted Root Certificate Authorities.

3. Click Install and complete the installation process.

2. Export the certificate:

1. Launch the Manage Computer Certificates program.

2. Navigate to Trusted Root Certification Authorities and click Certificates.

3. Find the required certificates using the Issued To column which usually contains the domain name of the organization or *.domain name in case of Wildcard certificates.

4. Right click on the required certificate, click All Tasks, and click Export.

5. Select DER encode binary X.509 (.CER) as the file format in which you want to export the certificate file.

6. Provide a suitable file name (say sdp-ssl-cert-1.cer) for the exported certificate, and click Finish.

Note: A PFX file might contain more than one certificate. Locate each of those files and perform the steps e,f,g on them.

3. Import the certificate to ADManager Plus

1. Copy all the exported certificate files of ServiceDesk Plus.

2. Logon to the server on which ADManager Plus is installed.

3. Navigate to the installationdirectory\ADManager Plus\jre\bin folder and paste all the copied files.

4. Launch the command prompt from the same location.

5. Execute the following command individually for all the certificate files: keytool -import -trustcacerts -alias sdp_ssl_cert_1 -file sdp-ssl-cert-1.cer -keystore ..\lib\security\cacerts

6. Enter the password as 'changeit'.

7. Type 'yes' in order to trust the certificates.

7. Select the Enable tight integration between ADManager Plus and ServiceDesk Plus option.

8. Click Test connection and save.

• Step 2: Assign the help desk technician role to a user in ADManager Plus  

Go to ADManager Plus and assign a user as a technician in the same domain. Provide all the required roles to that technician.

To create a technician and assign all the required AD roles in ADManager Plus,

1. Go to the Delegation tab, click Add new technician.

2. Select the domain name, user account, OU and the roles that you want to assign.

3. Select the Impersonate as admin option and click Save.

• Step 3: Create the same technician in ServiceDesk Plus  

To create the same technician in ServiceDesk Plus,

1. Navigate to the ServiceDesk Plus console and search for Technicians.

2. Click Add new technician, enter the details of that technician, and delegate a specific role to this technician.

3. Click Enable login for technician, enter the same login credentials as given in ADManager Plus, and click Save.

Note: Ensure that the Technician's Login name and domain match in both ADManager Plus and ServiceDesk Plus, while their passwords can vary.

4. Login to ServiceDesk Plus using the credentials of the new technician. You must now be able to perform AD tasks right from the ServiceDesk Plus console.

• Step 4: Assign required AD operations to the new technicians  

In the ServiceDesk Plus console:

1. Type ADManager Plus in the search bar, press enter and scroll down to all the AD operations that can be performed.

2. Select the operation you wish to delegate to a specific technician.

3. Under Associate Roles, click Select Roles.

4. Search for and select the role assigned to that technician in the previous step.

• Step 5: Perform AD tasks via ServiceDesk Plus  

A. Steps to execute an AD tasks directly from a ticket.

1. Login to ServiceDesk Plus using the credentials of the technician who is allowed to execute AD operations.

2. Click the ticket for which the AD task has to be performed.

3. Click Custom Actions, select the desired AD operation, and execute it based on the details specified in the ticket.

B. Steps to execute AD tasks from the ADManager Plus header.

1. Login to ServiceDesk Plus using the credentials of the technician who is allowed to execute AD operations.

2. Navigate to ADManager Plus header and click Active Directory User Management.

3. Select the desired AD operation, and execute it.

Click here to know more about the ADManager Plus-ServiceDesk Plus integration. Also, here's a video that will help you gain a deeper understanding about the ADManager Plus-ServiceDesk Plus integration.