Adding Active Directory Groups using PowerShell
  • 23 Jul 2021

PowerShell may be used to import Active Directory Groups to the SecureCircle Server. The required scripts can be found here:

ad-idp-create.ps1

ad-idp-refresh.ps1

Connecting SecureCircle to Active Directory requires a short setup process. Instructions are below. If you require any assistance, please let us know.

Pre-requisites

  • Active Directory connected computer.
  • Read access to AD.
  • Microsoft’s RSAT (Remote Server Administration Tools). As of Windows 10 Version 1809, you can no longer download
    the tools from Microsoft’s webpage and will need to install them from PowerShell. Instructions below.

Installing RSAT through PowerShell

  1. Open PowerShell as an administrator.
  2. Copy and paste the command:
     Add-WindowsCapability -Online -Name Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0
  3. Hit Enter. Once it has finished, you may move on to running the PowerShell script ad-idp-create1.ps1.

Connecting to AD

  • Open PowerShell ISE as an Administrator, select File > Open, navigate to the zip file and load ad-idp-create.
  • Edit the script to include your information.
    In the script, edit the four highlighted fields to import your Active Directory groups.
    [Image: Create Script]

Hostname – Navigate to your SecureCircle SaaS Tenant web address from a browser.

  • Example: 83453fa32.me1.saas.securecircle.com. Copy it into the script in place of hostname.

Searchbase – Enter the information for your domain controller. Example: a domain of corp.test.com would be dc=corp,dc=test.

Name – Provide any name you would like to call it. It will appear as the name of the AD policy in the SecureCircle SaaS Tenant.

Api-Key – To retrieve the Api-key, log in to the SecureCircle SaaS Tenant and follow these steps.

  • Click on the triangle in the top right corner as shown in the picture > Settings > Show Api-key > copy the key into the script, replacing
    Api-key.

Execute script: Hit play on the script and it will import your current groups in AD to SecureCircle’s portal.
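
Before executing the script, the prerequisites above can be checked from the same elevated PowerShell session. The following is an added example, not part of SecureCircle's scripts; it uses the page's example Searchbase value as a placeholder to replace with your own, and only the standard Get-WindowsCapability, Get-ADDomain and Get-ADGroup cmdlets.

```powershell
# Added example: pre-flight check before running the import script.
# $SearchBase is the page's example value; replace it with your own.
$SearchBase = 'dc=corp,dc=test'
$Capability = 'Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0'

# 1. The RSAT AD tools must be installed (this query needs an elevated session).
$state = (Get-WindowsCapability -Online -Name $Capability).State
if ($state -ne 'Installed') {
    throw "RSAT AD tools are '$state'; install them with Add-WindowsCapability first."
}

# 2. The ActiveDirectory module ships with that capability.
Import-Module ActiveDirectory -ErrorAction Stop

# 3. Show the domain's own distinguished name for comparison with $SearchBase.
$domainDn = (Get-ADDomain).DistinguishedName
Write-Host "Domain DN : $domainDn"
Write-Host "SearchBase: $SearchBase"

# 4. Confirm read access by listing the groups under the search base.
try {
    $groups = Get-ADGroup -Filter * -SearchBase $SearchBase -ErrorAction Stop |
        Sort-Object Name |
        Select-Object Name, GroupCategory, GroupScope, DistinguishedName
} catch {
    throw "Cannot read groups under '$SearchBase': $($_.Exception.Message)"
}

if (-not $groups) {
    Write-Warning "No groups found under '$SearchBase'; check the value before importing."
} else {
    Write-Host "$(@($groups).Count) group(s) visible to this account:"
    $groups | Format-Table -AutoSize
}
```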

Refresh Script

The Refresh script is used if you have created new AD groups since you last imported your groups. Filling it out and running the script
will import the new groups to SecureCircle’s portal. Only groups that you choose to govern access to SecureCircle will need to be
imported.
[Image: Refresh Script]

  • Edit the information as in the steps above for Connecting SecureCircle to AD; you will need Hostname, Api-Key and Searchbase.
  • One additional field must be entered: RefreshItemId = “ip-numbers”. It refers to the Active Directory Integration ServiceID found within the Admin UI under Configuration->Integrations->Directory Services. See image below.
  • Hit Play on the script to run the import.
    [Image: IP Numbers]
