Difference between revisions of "SQL User Import"

== Installation Overview ==

== Installation Overview ==

=== Windows Installation ===

=== Windows Installation ===

* Extract zip into a folder you would like the application to run from e.g. '''C:\Hornbill_Import\'''

* Extract zip into a folder you would like the application to run from e.g. '''C:\Hornbill_Import\'''

* Open '''conf.json''' and add in the necessary configration

* Open '''conf.json''' and add in the necessary configration

== Configuration Overview ==

== Configuration Overview ==

   {

   {

     "UserID": "winaccount", /* the FIELD name  */

     "UserID": "winaccount", /* the FIELD name  */

     "Encrypt": false, /* options : true/false ; [2] */

     "Encrypt": false, /* options : true/false ; [2] */

       "CurrencySymbol":"", /* any character */

       "CurrencySymbol":"", /* any character */

       "CountryCode":"" /* expects ISO 3166 Alpha 2 two Character Country Code [https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes (see here)] */

       "CountryCode":"" /* expects ISO 3166 Alpha 2 two Character Country Code [https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes (see here)] */

     },

     },

     "Type":{

     "Type":{

     , "Image":{

     , "Image":{

       "Action":"Both" /* options : Create/Update/Both ; on what action to change the Image */

       "Action":"Both" /* options : Create/Update/Both ; on what action to change the Image */

       , "InsecureSkipVerify": false

       , "InsecureSkipVerify": false

       , "ImageType": "jpg" /* options : jpg/png */

       , "ImageType": "jpg" /* options : jpg/png */

# specify whether the connection between the script and the database should be encrypted. NOTE: There is a bug in SQL Server 2008 and below that causes the connection to fail if the connection is encrypted. Only set this to true if your SQL Server has been patched accordingly

# specify whether the connection between the script and the database should be encrypted. NOTE: There is a bug in SQL Server 2008 and below that causes the connection to fail if the connection is encrypted. Only set this to true if your SQL Server has been patched accordingly

# please note that all field names are specificied as lowercase - this is to ensure smooth running for the mapped fields (as they are case-sensitive). Also, by specifying each field in use, one is following SQL best practice as it prevents unnecessary/unused data to be stored and processed (longvarchar and blob fields, for instance, take up a lot of memory). '''For CSV''' please use UPPERCASE for all field names and, also, do NOT use spaces in the headers (fieldnames).

# please note that all field names are specificied as lowercase - this is to ensure smooth running for the mapped fields (as they are case-sensitive). Also, by specifying each field in use, one is following SQL best practice as it prevents unnecessary/unused data to be stored and processed (longvarchar and blob fields, for instance, take up a lot of memory). '''For CSV''' please use UPPERCASE for all field names and, also, do NOT use spaces in the headers (fieldnames).

Hornbill can store a manager relationship between two users in Hornbill. The manager look up mechanism works as follows:

Hornbill can store a manager relationship between two users in Hornbill. The manager look up mechanism works as follows:

# The import reads the contents of the value attribute which will contain the some text identifying the manager eg "''mgrfirstname mgrlastname''"

# The import reads the contents of the value attribute which will contain the some text identifying the manager eg "''mgrfirstname mgrlastname''"

# The import is hard-coded to remove any slash and comma in the result.

# The import is hard-coded to remove any slash and comma in the result.

# With the "Reverse" option enabled, the above string would be reversed to give: "''mgrlastname mgrfirstname''"

# With the "Reverse" option enabled, the above string would be reversed to give: "''mgrlastname mgrfirstname''"

* file - Defaults to '''''conf.json''''' - Name of the Configuration file to load

* file - Defaults to '''''conf.json''''' - Name of the Configuration file to load

* dryrun - Defaults to '''''false''''' - Set to True and the XMLMC for Create and Update users will not be called and instead the XML will be dumped to the log file, this is to aid in debugging the initial connection information.

* dryrun - Defaults to '''''false''''' - Set to True and the XMLMC for Create and Update users will not be called and instead the XML will be dumped to the log file, this is to aid in debugging the initial connection information.

* workers - Defaults to `3` - Allows you to change the number of worker threads used to process the import, this can improve performance on slow import but using too many workers have a detriment to performance of your Hornbill instance.

* workers - Defaults to `3` - Allows you to change the number of worker threads used to process the import, this can improve performance on slow import but using too many workers have a detriment to performance of your Hornbill instance.

== Testing Overview ==

== Testing Overview ==

<code>

<code>

</code>

</code>

== Logging Overview ==

== Logging Overview ==

All Logging output is saved in the "log" directory which can be found in the same location as the executable. The file name contains the date and time the import was run '''''SQL_User_Import_2015-11-06T14-26-13Z.log'''''

All Logging output is saved in the "log" directory which can be found in the same location as the executable. The file name contains the date and time the import was run '''''SQL_User_Import_2015-11-06T14-26-13Z.log'''''

Below are some common errors that you may encounter in the log file and what they mean:

Below are some common errors that you may encounter in the log file and what they mean:

* ''' ''[ERROR] Error Decoding Configuration File:.....'' ''' - this will be typically due to a missing quote (") or comma (,) somewhere in the configuration file. This is where an online JSON viewer/validator can come in handy rather than trawling the conf file looking for that proverbial needle in a haystack.

* ''' ''[ERROR] Error Decoding Configuration File:.....'' ''' - this will be typically due to a missing quote (") or comma (,) somewhere in the configuration file. This is where an online JSON viewer/validator can come in handy rather than trawling the conf file looking for that proverbial needle in a haystack.

* ''' ''[ERROR] Unable to Create User: Invalid value for parameter '[parameter name]': The text size provided (31 characters) is greater than the maximum allowable size of 20 characters for column [column name]'' ''' - the contents of your directory attribute exceed the maximum number of characters that can be placed in the Hornbill database column.

* ''' ''[ERROR] Unable to Create User: Invalid value for parameter '[parameter name]': The text size provided (31 characters) is greater than the maximum allowable size of 20 characters for column [column name]'' ''' - the contents of your directory attribute exceed the maximum number of characters that can be placed in the Hornbill database column.

* ''' ''[ERROR] Unable to Create User: The value in element <userId> did not meet the required input pattern constraints. at location '/methodCall/params/userId' '' ''' - the user id contains characters that are not allowed. The User Id should be made up of alphanumeric characters. Full stops (.) and underscores (_) are also supported.

* ''' ''[ERROR] Unable to Create User: The value in element <userId> did not meet the required input pattern constraints. at location '/methodCall/params/userId' '' ''' - the user id contains characters that are not allowed. The User Id should be made up of alphanumeric characters. Full stops (.) and underscores (_) are also supported.

* ''' ''[ERROR] Unable to Update User: Invalid value for parameter '[parameter name]': Error setting value for column '[column name]'. bad lexical cast: source type value could not be interpreted as target'' ''' - this error is indicating that the contents of your directory attribute are in a format that is not compatible with the type of the Hornbill database column. For example, you will get this when trying to place text into a database field that is of type "INT" (accepts integer values only).

* ''' ''[ERROR] Unable to Update User: Invalid value for parameter '[parameter name]': Error setting value for column '[column name]'. bad lexical cast: source type value could not be interpreted as target'' ''' - this error is indicating that the contents of your directory attribute are in a format that is not compatible with the type of the Hornbill database column. For example, you will get this when trying to place text into a database field that is of type "INT" (accepts integer values only).

* ''' ''[ERROR] Unable to Load LDAP Attribute: '[LDAP attribute name]' For Input Param: '[Hornbill Parameter name]' '' ''' - When the import utility is unable to load a particular LDAP attribute, this means that the attribute field in your directory does not contain a value. This error will not prevent the user account being created or updated in Hornbill and can be considered more as a warning rather than an outright failure or problem.

* ''' ''[ERROR] Unable to Load LDAP Attribute: '[LDAP attribute name]' For Input Param: '[Hornbill Parameter name]' '' ''' - When the import utility is unable to load a particular LDAP attribute, this means that the attribute field in your directory does not contain a value. This error will not prevent the user account being created or updated in Hornbill and can be considered more as a warning rather than an outright failure or problem.

=== Error Codes ===

=== Error Codes ===

* '''102''' - Unable to Load Configuration File

* '''102''' - Unable to Load Configuration File

You can schedule .exe to run with any optional command line argument from Windows Task Scheduler.

You can schedule .exe to run with any optional command line argument from Windows Task Scheduler.

* Ensure the user account running the task has rights to ldap_import.exe and the containing folder.

* Ensure the user account running the task has rights to ldap_import.exe and the containing folder.

As of Server Release 2494 a default role '''User Import''' is delivered which has all the necessary rights to import / update users. The exception to this is any roles you try and assign to users being imported must be assigned to the user account logging in and running the import, this is due to a security measure that prevents you inflating your own rights or giving a user more rights than you have yourself.  

As of Server Release 2494 a default role '''User Import''' is delivered which has all the necessary rights to import / update users. The exception to this is any roles you try and assign to users being imported must be assigned to the user account logging in and running the import, this is due to a security measure that prevents you inflating your own rights or giving a user more rights than you have yourself.  

The following rights are required by any user account being used to run the User Import tool.

The following rights are required by any user account being used to run the User Import tool.

'''Group A (Accounts)'''

'''Group A (Accounts)'''

* Manage Users

* Manage Users

* Update Users

* Update Users

[[File:Screen_Shot_2016-02-26_at_07.59.50.png]]

[[File:Screen_Shot_2016-02-26_at_07.59.50.png]]

'''h_sys_accounts'''

'''h_sys_accounts'''

* Browse

* Browse

* Add

* Add

[[File:Screen_Shot_2016-03-02_at_10.00.30.png]]

[[File:Screen_Shot_2016-03-02_at_10.00.30.png]]