AD Service2

The AD Service2 Service Type provides read capabilities for Active Directory (AD) entities like Users, Groups and Organizational Units (OUs). It is commonly used to read user data from AD, or to list Group and OU membership. A service instance of this service type is registered automatically when you install K2.

Service Keys (Service Instance Configuration Settings)

Key Can be modified Data Type Sample Value Notes
LDAP Yes Text OU1 The sequence of the LDAP entries must correspond with the NETBIOSNAME entries. Example: In this example two domains are configured; Domain1 and Domain2. LDAP: LDAP://DC=DOMAIN1,DC=COM; LDAP://DC=DOMAIN2,DC=COM NETBIOSNAME: DOMAIN1;DOMAIN2 .
NETBIOSNAME Yes Text DOMAIN1.COM The sequence in which the LDAP paths were added must correspond to the sequence in which the NETBIOSNAME were added.
RAISEERROR Yes True/ False
ResolveNestedGroups Yes True/ False

Default: False

Activating this property could have performance implications for highly hierarchical group structures.

Service Objects

The Active Directory service exposes the following Service Objects:

  • AD Group
  • AD Organizational Unit
  • AD User

SmartObjects

K2 does not automatically create SmartObjects for the Service Objects in this service. SmartObjects can be automatically created by selecting the Generate SmartObjects for this Service Instance check box when creating a new Service Instance. Designers can use the SmartObject design tools to build advanced SmartObjects that leverage the Service Objects in this service. It is recommended to use the SmartObject design tools to create SmartObjects rather than generating SmartObjects, since this allows better control over the naming, behavior and design of the SmartObject and its methods and properties.

Considerations

  • The default Service Instance of this service is used internally by the K2 environment. Do not modify or delete the existing service instance. You can create a new instance or use the methods from the existing instance
  • If you want to create folders in Active Directory to use with any of the SmartObject methods, you must use the Active Directory user interface to do this. You cannot use the AD User Create SmartObject method to create a folder in Active Directory.