Step 2: Add & configure an AD target system (tutorial)
In this step, we'll add an AD target system and configure its data model.
Add the AD target system
Go to Systems > Overview.
Click Add.
Select Active Directory for System Type.
Enter a System Name. For this example, AD.
Click Save.
The new system is added to the Configured Systems pane.
Click Configure.
Enter your AD Domain. For example, t4edemo.com.
Click Test Connection. If NIM can successfully communicate with your AD domain, a success message is returned.
Click Save.
Go to the Configuration tab.
Optional: In the Search Base dropdown, change the root OU that NIM will work from. For this example, we'll select t4edemo.com/docs.
Select the checkbox for each data table to collect from AD.
For this example, we'll select Groups, Memberships, OrganizationalUnits, and Users.
Click Save.
Click Collect to run the initial data collection for the AD system.
Expand this system's table list and go to one of the tables to confirm that data has been collected.
Tip
If your AD table(s) don't have any columns after you collect, make sure you have at least one user, one group, and one group membership inside your chosen Search Base.
Select attributes to collect
Expand this system's table list and go to the Users table. Then go to the Settings tab.
By default, the following user attributes are collected from AD: cn, distinguishedName, Enabled, givenName, objectClass, objectGUID, objectSid, path, sAMAccountName, sn, and userPrincipalName.
For this example, we'll additionally collect the employeeID attribute.
Click Save.
Finally, collect this system's data again by going to the Overview and clicking Collect. While we're here, we will also collect the CSV system again, just in case it has changed.
Tip
You should collect data often, especially after altering a system's configuration or data model. There is little to no downside involved in collecting data, and it ensures that the vault is up to date.
Assign primary keys
The next step is to assign primary keys to tables, like we did for the CSV system.
Expand this system's table list and go to the Users table. Then go to the Columns tab.
We'll select the objectGUID as this table's Key, and distinguishedName as its Display Name.
Click Save.
Repeat this process for the other data tables in this system. Set the primary keys and display names as follows:
| Table | Key | Display Name |
|---|---|---|
| Users | objectGUID | distinguishedName |
| OrganizationalUnits | objectGUID | distinguishedName |
| Memberships | - | - |
| Groups | objectGUID | distinguishedName |
Tip
The Memberships table in an AD system should have neither a Key nor a Display Name, because it has no uniquely identifying column. Instead, it serves as a junction between users and groups.
Finally, collect this system's data again, by going to the Overview and clicking Collect.
Set up intra-system relations
The final step is to establish relations between tables in this system, like we did for the CSV system.
There is only one table in our AD target system that needs intra-system relations — the Memberships table, which stands in between users and groups.
Expand the AD system's table list and go to the Memberships table. Then go to the Relations tab.
Manually add the following foreign-primary key relations:
Foreign key group of Memberships table (N) → primary key objectGUID of Groups table (1)
Foreign key member of Memberships table (N) → primary key objectGUID of Users table (1)
Foreign key group of Memberships table (N) → foreign key member of Memberships table (N)
Tip
Unlike in the CSV system, we cannot use the Determine Relations Automatically feature here.
Click Save.
Collect both systems' data once again, by going to the Overview and clicking Collect for each system.
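The first two relations above, modelled in an in-memory SQLite database as an added example (not NIM's own storage, API or code). It joins Memberships to Groups and Users through objectGUID and lists membership rows whose group or member does not resolve to a collected object. The table layout follows this page; the sample rows and shortened GUIDs are constructed.

```python
import sqlite3

# Constructed sample rows; GUIDs are shortened placeholders, not real AD values.
USERS = [("u-1", "CN=Ann,OU=docs,DC=t4edemo,DC=com"),
         ("u-2", "CN=Bob,OU=docs,DC=t4edemo,DC=com")]
GROUPS = [("g-1", "CN=Writers,OU=docs,DC=t4edemo,DC=com")]
# (group, member) pairs; "u-9" and "g-7" stand for objects missing from the collected tables.
MEMBERSHIPS = [("g-1", "u-1"), ("g-1", "u-2"), ("g-1", "u-9"), ("g-7", "u-1")]


def build_db():
    """Load the sample rows into tables shaped like the tutorial's AD data model."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE Users  (objectGUID TEXT PRIMARY KEY, distinguishedName TEXT);
        CREATE TABLE Groups (objectGUID TEXT PRIMARY KEY, distinguishedName TEXT);
        -- Junction table: no key of its own, only the two foreign keys.
        CREATE TABLE Memberships ("group" TEXT, member TEXT);
    """)
    db.executemany("INSERT INTO Users VALUES (?, ?)", USERS)
    db.executemany("INSERT INTO Groups VALUES (?, ?)", GROUPS)
    db.executemany("INSERT INTO Memberships VALUES (?, ?)", MEMBERSHIPS)
    return db


def resolved_memberships(db):
    """Follow both relations: Memberships.group -> Groups, Memberships.member -> Users."""
    return db.execute("""
        SELECT g.distinguishedName, u.distinguishedName
        FROM Memberships m
        JOIN Groups g ON g.objectGUID = m."group"
        JOIN Users  u ON u.objectGUID = m.member
        ORDER BY u.distinguishedName
    """).fetchall()


def dangling_memberships(db):
    """Rows whose group or member GUID has no matching primary key."""
    return db.execute("""
        SELECT m."group", m.member
        FROM Memberships m
        LEFT JOIN Groups g ON g.objectGUID = m."group"
        LEFT JOIN Users  u ON u.objectGUID = m.member
        WHERE g.objectGUID IS NULL OR u.objectGUID IS NULL
        ORDER BY m."group", m.member
    """).fetchall()


if __name__ == "__main__":
    db = build_db()
    print(resolved_memberships(db))
    print(dangling_memberships(db))
```

Dangling rows are worth reviewing after a collection, because a membership that points at an object missing from the Users or Groups table cannot be shown or managed through these relations.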