PortSight Secure Access Documentation

Setting Up the ODBC Import


     Sample database

 We will use a sample Microsoft Access database in this guide. You can find it in the "Examples\Import\TestODBC.mdb" file under the Secure Access installation folder.


Choose the catalog you want to import external data to and then click "New" in the "Directory Ports" dialog. The "Directory Port Settings Wizard" opens.


Enter some name and choose required type of the data source. Click "Next".

Step 1 - Name and Type of the Directory Port


Enter the connection string. Enter the following value for the sample database:


Driver={Microsoft Access Driver (*.mdb)};DBQ=c:\program files\portsight secure access\2.0\examples\import\testodbc.mdb


You can use the connection string to connect to a variety of data sources, including an ODBC data source name (DSN). The following example illustrates several possible connection strings.


Driver={SQL Server};Server=MyServer;UID=sa;PWD=sqLs$5xr;Database=Northwind;
Driver={Microsoft ODBC for Oracle};Server=ORACLE8i7;UID=odbcuser;PWD=odbc$5xr
Driver={Microsoft Access Driver (*.mdb)};DBQ=c:\bin\nwind.mdb
Driver={Microsoft Excel Driver (*.xls)};DBQ=c:\bin\book1.xls
Driver={Microsoft Text Driver (*.txt; *.csv)};DBQ=c:\bin


The ODBC .NET Data Provider does not support the Persist Security Info value that is supported by other .NET data providers. However, the Connection String property behaves as though Persist Security Info were set to false. For more details about connection string usage in the ODBC .NET Data Provider please see appropriate documentation or visit Microsoft MSDN online.

It's strongly recommend that you test the entered connection string by clicking on the "Test" button. This function tries to open a connection to the data source using the specified connection string.


Click "Next" to continue.

Note: The password is stored in an encrypted file catalogs.xml.

Step 2 - Data Source Configuration



Now you can choose what will be imported from the domain:


You can also choose if you want to delete accounts in the Secure Access database after they were deleted from the domain.


During the import are generated various events (before/after importing new user,  group, organizational units) and you may hook up these events and programmatically respond to them. In the "Custom Event Handler" section you may specify for each object type path to the DLL that contains specified event handler class. Handling events may be useful when you need to update details of the newly imported accounts or you need to perform some cleaning after deleting an account. For more details about how to write your own event handler class please refer to the Writing Custom Event Handler chapter.


Step 3 - Choosing Types of Selected Objects


In the next step, you can specify items that will be or will NOT be imported. By default, all items found in the data source are imported. You can modify this by choosing one of two modes:

This is useful if you need to exclude system accounts from the import.

Step 4 - Choosing Objects to Be Imported



In this step, you can map properties of the source object (user or group) to the target object. The left-most column contains source fields (properties of the domain user). The right-most column contains the target field (property of the user in the Secure Access catalog).


There are the following default source fields:


In the right-most column you can choose the target field the value will be stored in. The drop-down list contains names of the target properties (marked as "internal") as well as custom-defined properties. If you need to create a new custom property, you can do it by entering it alias in the "New Property Alias" field and clicking "Create".


    Important Notes - PLEASE READ THIS
  1. The field you map to AR_ObjectGUID must be used only for one directory port. It can't be used for several directory ports and it also can't be used for storing other data.
  2. The target fields may only be of string type.
  3. The provider doesn't consider if the account is disabled or not in this version. You're supposed to import domain users for applications that use Windows NT authentication. Thus if the account is disabled or locked out, the user cannot log on into the domain and it's not necessary to check the account validity in Secure Access.


Step 5/6/7 - Mapping Properties of Users, User Groups and Organizational Units



Specify if you want to run import manually or if you want to schedule a regular import with specified period. Click "Finish" to complete the wizard. Now you can either wait until the import runs automatically (if you chose the regular import) or you can click the "Import Now" in the "Directory Ports" dialog to start import immediately.


Step 8 - Schedule Import



    For Your Information

ODBC Data Provider providing access to native ODBC drivers is not included by default in the .NET Framework 1.0 or 1.1, but it can be downloaded from Microsoft Download. The ODBC .NET Data Provider is intended to work with all compliant ODBC drivers but only the following drivers have been tested with the ODBC .NET Data Provider: Microsoft SQL ODBC Driver, Microsoft ODBC Driver for Oracle, Microsoft Jet ODBC Driver.