I am right now using the CIAC portal to perform simple tasks on my infrastructure and I would like to be able to add a user to a given group in AD.
I have done the TEO process (with group and user parameters) and it works.
I have done the service request (with the form, the fields, the category, etc.) and I can fill it.
But I cannot figure out how to integrate these both elements through service link, with an agent and adapters.
Does somebody knows how to do it? Or where I can find some step by step information to do it?
Thanks by advance
Do you have a license and copy of Cisco Intelligent Automation for Cloud 2.0 or Cisco Intelligent Automation for Cloud Starter Edition 3.0.x? If so, you may reuse the same architecture and plumbing to communicate between Cloud Portal and TEO.
The fact is that the plumbing of the Starter Edition 3.0.2 concerning AD account management topics is quite weak.
This is why I was asking for best practices, as most of our customers are asking Account Management Features.
I must have misunderstood your question as I thought you couldn't "...figure out how to integrate these both elements through service link, with an agent and adapters." - Starter Edition has a reusable approach.
I'm interested in understanding where the user management features of Starter Edition aren't quite making your grade. The requirements driving Starter Edition's feature set are as they pertain to the enterprise as a private cloud deployment. Given this environment, the two primary deployment scenarios SE addresses are 1) no external user account data source (no directory integration), 2) external data source integration using one of the three types of directory servers supported by Cloud Portal. Scenario 2 two supports user authentication only and user authentication and authorization.
Scenario 1 supports user and organization management using Cloud Portal as the data source. Scenario 2 supports a pre-populated data source under the premise that enterprises most commonly have a existing directory services they desire to integrate with the solution, which is to say that an uncommon and not natively supported scenario is one in which the enterprise has no existing user account data source, but has idle directory services they would like for the solution to populate with new user accounts created through he solution. Certainly, such a scenario may be supported by extending the solution.
Let me know how you come along.
Sent from Cisco Technical Support iPhone App
Thank you for your answer.
Starter Edition is great for IaaS features (servers provisioning and control, etc.). And the connection to an external Active Directory is not a problem for us and we have tested it.
Actually my purpose is to give access to the private cloud users to published applications (Citrix XenApp) or published desktops (Citrix XenDesktop) that are ran inside the cloud. This access is driven by Active Directory group membership. For example, I have a "app-winword" group and I want to add "john doe" to this group so he get the access to winword once he is connected to his workplace.
I want also to propose these application as Service Catalog Item, so the users can check through the Service Portal the applications they own.
Does it seems clearer for you?