Create synchronization script

Make sure that the userPrincipalName and Enabled properties of the Active Directory user accounts you want to synchronize using the script are completed.

To create a synchronization script:

  1. In the main window of the web interface, select the Users section.
  2. Click the Import and synchronization button.

    The Import and synchronization window opens.

  3. Select the Local Active Directory service tab.
  4. Click the New token button to generate a token used to authorize requests from Active Directory.

    The Get token window opens. Copy the token and save it in any way convenient for you.

    The token is not stored in the ASAP system with public access. After closing the Get token window, it will be unavailable to view. If necessary, you can re-issue a new token.

    The issued token is valid for 12 months. When this period expires, the token is revoked. The issued token is also revoked if it is not used for 6 months.

  5. In the Required parameters section, match the required custom ASAP fields and Active Directory account attributes. To do this, select the required value from the drop-down lists.
  6. If additional custom fields have been added for the company on the ASAP platform, match them with the attributes of Active Directory accounts using the drop-down lists in the Additional parameters section.
  7. Enable or disable rule application via the Apply rules slider in the Additional parameters section.

    Before enabling the application of rules, you must first create them.

    We don't recommend using automatic group distribution rules if you start synchronization with Active Directory when there are previously existing users and training has already been activated. This can lead to changes in user groups and their training program.

  8. In the Permitted actions with users section, check the boxes for operations you want performed during synchronization:
    • Add
    • Archive

      If you checked the Archive checkbox and integrated ASAP with Active Directory, you will not be able to manually archive users retrieved from Active Directory. Actions on such users must be performed in Active Directory.

    • Change
    • Delete
  9. In the Active Directory group for synchronization field, enter the name of the group whose users should be synchronized with the ASAP platform.
  10. Click the Save button.

    The specified settings will be added to the body of the script.

  11. Click the Download script button.

    The script file is saved to the browser's download folder.

  12. Specify the token copied in step 4 in one of the following ways:
    • Open the script file in the text editor, and in the $apikey = $env:KASAP_APIKEY line change $env:KASAP_APIKEY to the token contents in single quotes. For example:

      $apikey = '86ccae1a4f5d6a2421a097db789544b2'

    • Create the KASAP_APIKEY environment variable using the operating system and assign the contents of the token to it as a value.

      In this case, you don't need to change the script file.

You'll need to send this file to your company's Active Directory admin.

To the top