Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

AD or ADSI connector

SaradhaMohanraj
New Contributor
New Contributor

Hi, We have multiple domains that need to be integrated to saviynt, and trying to determine the best approach AD or ADSI connector. Can someone help with the best approach?

1) We have standard users from domain A to be imported.

2) We have service accounts and other secondary accounts in domain A which has to be imported as separate endpoint.

3) Service accounts and other secondary accounts in domain B which has to be imported as separate endpoints.

As we need to create separate endpoints for each account type from each domain, is it okay to use regular AD connection ? Or should we use the ADSI connector as there are 2 domains. Please help me with the best approach and solution.

 

Appreciate your quick help.

5 REPLIES 5

NM
Valued Contributor
Valued Contributor

Hi @SaradhaMohanraj, I will suggest to use AD connector as you will be having seperate endpoint for domain.. will still waiting for someone response ...

sangitaladi
Regular Contributor
Regular Contributor

Hi @saramohanraj,

 

Yes , your approach is correct. ADSI is not required in your case.

 

Regards,

Sangita Ladi

If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

 

 

rushikeshvartak
All-Star
All-Star

You can use AD Connector


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

SaradhaMohanraj
New Contributor
New Contributor

Thanks for reply everyone. Could someone tell me when should we go with ADSI connector. If I want to maintain separate endpoint for each domain and account type, should i create those many connections same as AD connector even if i go with ADSI? or ADSI helps to achieve separate endpoints with a single connection. What's the ideal benefit of ADSI. I have not worked on ADSI connector, so trying to understand.

The ADSI (Active Directory Service Interfaces) connector in Saviynt is used for integrating with Active Directory and other LDAP-compliant directories. Here’s an overview of when to use the ADSI connector, its benefits, and how it handles connections and endpoints:

When to Use the ADSI Connector

  1. Complex Active Directory Environments: If you have a complex Active Directory environment with multiple domains and forests, the ADSI connector can be beneficial as it allows for more granular control over directory services.

  2. LDAP-Compliant Directories: If you need to integrate with LDAP-compliant directories other than Active Directory, the ADSI connector can be a suitable choice.

  3. Advanced Directory Operations: The ADSI connector supports advanced directory operations and can be used for more detailed and specific directory queries and updates.

Benefits of the ADSI Connector

  1. Granular Control: The ADSI connector provides more granular control over the integration with Active Directory, allowing for advanced configurations and customizations.

  2. Flexible Connection Management: The ADSI connector allows for flexible connection management, which can be advantageous in complex environments with multiple domains.

  3. Support for LDAP Directories: In addition to Active Directory, the ADSI connector supports other LDAP-compliant directories, providing versatility in directory integration.

Managing Separate Endpoints

  1. Multiple Connections for Each Domain: Similar to the AD connector, if you need to maintain separate endpoints for each domain and account type, you would typically create multiple connections. Each connection can be configured with specific settings for the domain and account type.

  2. Single Connection with Multiple Endpoints: While the ADSI connector offers more flexibility, it generally still requires multiple connections if you need to manage multiple endpoints separately. However, the configuration might be more straightforward and flexible compared to the AD connector.

Ideal Benefits

  • Detailed Attribute Mapping: ADSI allows for more detailed attribute mapping and custom attribute handling, which can be crucial for complex directory structures.
  • Advanced Query Capabilities: With ADSI, you can perform advanced queries and operations on the directory, which might not be possible with the standard AD connector.
  • Better Error Handling and Logging: The ADSI connector often provides better error handling and logging, making it easier to troubleshoot issues.

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.