InvGate Service Management-Active Directory Integration Walkthrough

Melisa Wrobel August 1, 2023
- 8 min read

If you are looking to unify User Management capabilities into your IT Service Management solution, the InvGate Service Management and Active Directory integration will do the job. By connecting these two tools, you can centralize user accounts, automate user provisioning, and enhance security measures throughout your IT Support process.

Join us as we walk step by step through the configuration process and explore how this integration can positively impact your ITSM operations.

Let's dive in and unlock the full potential of this integration!

 

Why do you need to integrate InvGate Service Management and Active Directory?

Integrating InvGate Service Management with Active Directory addresses common challenges organizations face in User Management and IT service desk operations. Here are some compelling reasons why you should consider integrating these tools:

  • Enhanced User Management - You can leverage Active Directory's user attributes, such as job title, department, or contact information, within InvGate Service Management. This way, agents can access relevant user details during ticket resolution, facilitating better communication and personalized support

  • Faster service desk implementation - The integration enables you to synchronize a large number of users and accounts from your directory into your InvGate Service Management instance in a single operation. This saves significant time and effort, particularly in organizations with a large user base.

  • Improved data consistency - You can also ensure that user information remains complete and consistent across both systems.

  • Boosted user experience - As users can log into Service Desk using their Active Directory credentials, it simplifies authentication and ensures a unified login experience. 

Prerequisites for the InvGate Service Management-Active Directory integration

The requirements and information you need to integrate InvGate Service Management with Active Directory and Azure are as simple as any other integration. First, you need certain configuration data to carry out the process. This includes the hostname or IP address of your Active Directory server, the domain of your directory, and the domain name. Besides that, you need to have access to an administrator account in the three portals.

And that’s it, you are ready to start with the integration process!

How to integrate InvGate Service Management with Active Directory and Azure

Now that you have everything you need, it’s time to get into the integration process. To make it more clear, we have divided it into two phases: integrating InvGate Service Management with Active Directory to synchronize your user data, and with Azure for user authentication and provisioning

Integrating InvGate Service Management with Active Directory

Step 1: Access the configuration settings

Log in to your InvGate Service Management account and navigate to the “Settings” menu. There you have to first select “Users” and then “Directory Services.”

Step 2: Add the integration

Once you’re there, click on the “Add” button to open the configuration screen. Then, select the appropriate option between Active Directory and Open LDAP (Lightweight Directory Access Protocol) as per your setup.

Step 3: Provide integration details

Fill in the following details in the configuration screen. If you followed the prerequisites above, you should have them already set apart:

  • Name - Assign a name to the integration for identification purposes.
  • Host or IP Address - Specify the hostname or IP address of your Active Directory server.
  • Port - By default, the port value is 389 for LDAP connections, but adjust if required.
  • Domain - Enter the domain of your Active Directory.
  • Page Size - The default value is usually 1000, but adjust based on your directory's specifications.

If you want to import users only from a specific organizational unit (OU) or subdomain within your directory structure, add the OU name to the left of the Base DN value. For example: OU=Users, DC=subdomain, DC=cloud, DC=invgate, DC=com. Remember to follow the correct format, separating each unit with a comma followed by a space.

Step 4: Configure integration settings

Now it’s time to customize this integration to your organization’s needs. Complete the following:

  • Security option - It can be TLS, SSL, or none. 
  • Automatic Provisioning - Enable this option to automatically import users when they log in for the first time. Note that only users belonging to the Base DN will be considered for automatic provisioning.
  • Allow user search - Enable this option so that your agents can import unregistered users when creating a request on their behalf.
  • Import Groups - Choose whether to import user groups into InvGate Service Management. LDAP groups and OUs will be imported as groups on the Service Desk.
  • Import OUs - Decide whether to import the user's organizational unit, represented as a group in Service Desk.
  • Import Manager - Choose whether to import the user's manager with this option. The manager field will be populated only if the specified manager already exists in Service Desk or is part of the users being currently imported.
  • Synchronization frequency - Customize it according to your requirements.
  • Synchronization Modes - Select one or more based on your preferences (Synchronize existing users, Synchronize new users, and/or Synchronize deleted users).

Step 5: Provide credentials

Once you have completed all the relevant information, go to the configuration screen and enter the User or DN and Password required to establish the integration. Make sure you have read permissions for the user directory.

Step 6: Finalize and manage the integration

Review the integration configuration and ensure all settings are accurate before finally clicking on the “Save” button to save the configuration.

Once it's running, within the integration settings, you'll find options to test connectivity, perform mass synchronization, map field correspondences, import users and groups, edit the configuration, and delete the integration if needed.

Integrating InvGate Service Management with Azure

Step 1: Initiate the configuration

Log in to the Azure portal using the Azure Administrator profile at https://portal.azure.com/. Once there, follow these indications:

  • Navigate to “Enterprise Applications” and select “Create your own application”.
  • Provide a name for the new application's identifier and choose “Integrate any other application you don't find in the gallery.” 
  • Finally, save the changes to create the application successfully. Remember to choose the SAML login method.

Step 2: Configure SAML settings

Go into the SAML login settings, and edit the basic configuration. To do so, enter the following information in the provided fields:

  • Identifier (Entity ID) - This is the URL of your InvGate Service Management.
  • Reply URL (Assertion Consumer Service URL) - This is the URL of your InvGate Service Management pointing to the SAML endpoint (e.g., https://URL_Service_Desk/saml).

Step 3: Configure the Service Desk 

Depending on the portal configurations, you may need to add users and groups to the application in Azure to enable the login functionality. Take note of the following data from the Azure portal and proceed to the configuration screen in InvGate Service Management:

  • Microsoft Entra ID (formerly Azure Active Directory) identifier - This value should be placed in the entity ID field in InvGate Service Management.
  • Login URL - This value should be placed in the Service Desk Login URL field.
  • Certificate (Base64) - Download the certificate file and upload it in the Certificate section in InvGate Service Management. When uploading the file, select Public Key as the type. Note that by default, InvGate Service Management looks for certificates in PEM format, but you can also upload the file in the format provided by Azure using the All files option in the browser.

By following these steps and entering the necessary Azure information into InvGate Service Management, you can successfully integrate the two platforms for user authentication and provisioning. 

Next steps

Integrating all the users from your Active Directory database onto your InvGate Service Management instance is just the initial step of configuring your service desk. To ensure you’re getting the most out of the tool and your service desk is working at its full potential, make sure to tick the following off your list:

  • Assign roles and permissions - Roles determine the level of access and actions that users can perform in the system. Ensure that administrators, managers, agents, and end-users are assigned the appropriate roles based on their responsibilities and access requirements.

  • Create help desks - Organize and categorize different areas of support to enable efficient Ticket Management and ensure that issues are routed to the right teams or departments. 

  • Create the service catalog - Create a comprehensive service catalog that accurately represents the services your organization provides to users. Each category should include detailed information, such as name, description, ticket routing, escalations, Service Level Agreements (SLAs), and any associated support processes.

Wrapping up

Integrating InvGate Service Management with Active Directory empowers organizations to optimize their User Management processes and enhance their ITSM operations. 

The unified platform enables you to save time through mass synchronization, while also enhancing security and ensuring consistent access control. Basically, by successfully combining both tools your organization can achieve a centralized, efficient, and secure IT Service Management ecosystem. 

If you want to integrate your Active Directory instance with InvGate Service Management, book a call with our experts so they can help you out. And don’t forget that you can also start exploring InvGate Service Management right now with our 30-day free trial!



Read other articles like this : InvGate integrations, InvGate Service Desk, Product tutorials

Evaluate InvGate as Your ITSM Solution

30-day free trial - No credit card needed