activedirectory.sgnl.yaml

# Active Directory Configuration YAML
displayName: "Active Directory"
icon: |
  PHN2ZyB3aWR0aD0iNjQiIGhlaWdodD0iNjQiIHZpZXdCb3g9IjAgMCA2NCA2NCIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHJlY3Qgd2lkdGg9IjY0IiBoZWlnaHQ9IjY0IiBmaWxsPSJ3aGl0ZSIvPgo8cGF0aCBkPSJNMjguOTAzMiAxMy4zNjg4TDEwLjIwMzIgMzQuNDI4QzguODI1NiAzNS45NzkyIDkuMTY5NiAzOC4zOTUyIDEwLjkyNCAzOS41MDE2TDMwLjEwMTYgNTEuNTkxMkMzMS4xOTY4IDUyLjI4MTYgMzIuNTkwNCA1Mi4yODE2IDMzLjY4NDggNTEuNTkxMkw1Mi44NjI0IDM5LjUwMTZDNTQuNjE2OCAzOC4zOTUyIDU0Ljk2IDM1Ljk3OTIgNTMuNTgzMiAzNC40MjhMMzQuODg0OCAxMy4zNjg4QzMzLjI5MzYgMTEuNTc2OCAzMC40OTQ0IDExLjU3NjggMjguOTAyNCAxMy4zNjg4SDI4LjkwMzJaIiBmaWxsPSJ1cmwoI3BhaW50MF9saW5lYXJfMTYyNV80MCkiLz4KPHBhdGggZD0iTTQyLjYxMzYgMzUuMDRMMjcuMzI4IDQ0Ljc2NzJDMjQuODQxNiA0Ni4zNDk2IDIxLjY2NDggNDYuMzUxMiAxOS4xNzYgNDQuNzcyOEwxMC44NCAzOS40ODMyQzkuMDg4MDEgMzguMzcxMiA4Ljc1MjAxIDM1Ljk1MjggMTAuMTM2IDM0LjQwNjRMMjguOTM4NCAxMy4yOTQ0QzMwLjQ2OTYgMTEuNTgyNCAzMy4zMTEyIDExLjU4ODggMzQuODM0NCAxMy4zMDcyTDQxLjI1MzYgMjAuNTZDNDEuMjUzNiAyMC41NiAzNi4xMzM2IDE3LjkyIDMxLjg5MzYgMjIuNzJMNDIuNjEzNiAzNS4wNFoiIGZpbGw9InVybCgjcGFpbnQxX2xpbmVhcl8xNjI1XzQwKSIvPgo8cGF0aCBkPSJNMzEuODkzNiAyMi43MkwyMS4xNzM2IDM1LjA0TDMxLjg5MzYgNDEuNzZMNDIuNjEzNiAzNS4wNEwzMS44OTM2IDIyLjcyWiIgZmlsbD0idXJsKCNwYWludDJfbGluZWFyXzE2MjVfNDApIi8+CjxtYXNrIGlkPSJtYXNrMF8xNjI1XzQwIiBzdHlsZT0ibWFzay10eXBlOmx1bWluYW5jZSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeD0iOSIgeT0iMTIiIHdpZHRoPSI0NiIgaGVpZ2h0PSI0MSI+CjxwYXRoIGQ9Ik0yOC45MDMyIDEzLjM2ODhMMTAuMjAzMiAzNC40MjhDOC44MjU2IDM1Ljk3OTIgOS4xNjk2IDM4LjM5NTIgMTAuOTI0IDM5LjUwMTZMMzAuMTAxNiA1MS41OTEyQzMxLjE5NjggNTIuMjgxNiAzMi41OTA0IDUyLjI4MTYgMzMuNjg0OCA1MS41OTEyTDUyLjg2MjQgMzkuNTAxNkM1NC42MTY4IDM4LjM5NTIgNTQuOTYgMzUuOTc5MiA1My41ODMyIDM0LjQyOEwzNC44ODQ4IDEzLjM2ODhDMzMuMjkzNiAxMS41NzY4IDMwLjQ5NDQgMTEuNTc2OCAyOC45MDI0IDEzLjM2ODhIMjguOTAzMloiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMF8xNjI1XzQwKSI+CjxwYXRoIHN0eWxlPSJtaXgtYmxlbmQtbW9kZTptdWx0aXBseSIgZD0iTTMxLjg5MzYgNTIuNzJWOS45Mkw1Ni4yMTM2IDM3LjQ0TDMxLjg5MzYgNTIuNzJaIiBmaWxsPSJ1cmwoI3BhaW50M19saW5lYXJfMTYyNV80MCkiLz4KPC9nPgo8ZGVmcz4KPGxpbmVhckdyYWRpZW50IGlkPSJwYWludDBfbGluZWFyXzE2MjVfNDAiIHgxPSI5LjM1NTIiIHkxPSIzMi4wNjY0IiB4Mj0iNTQuNDMyIiB5Mj0iMzIuMDY2NCIgZ3JhZGllbnRVbml0cz0idXNlclNwYWNlT25Vc2UiPgo8c3RvcCBzdG9wLWNvbG9yPSIjMjI1MDg3Ii8+CjxzdG9wIG9mZnNldD0iMSIgc3RvcC1jb2xvcj0iIzAzNEVBRiIvPgo8L2xpbmVhckdyYWRpZW50Pgo8bGluZWFyR3JhZGllbnQgaWQ9InBhaW50MV9saW5lYXJfMTYyNV80MCIgeDE9IjkuMjgwMDEiIHkxPSIyOC45ODQ4IiB4Mj0iNDIuNjEzNiIgeTI9IjI4Ljk4NDgiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj4KPHN0b3Agc3RvcC1jb2xvcj0iIzY5REVGRiIvPgo8c3RvcCBvZmZzZXQ9IjEiIHN0b3AtY29sb3I9IiMxREE2RTgiLz4KPC9saW5lYXJHcmFkaWVudD4KPGxpbmVhckdyYWRpZW50IGlkPSJwYWludDJfbGluZWFyXzE2MjVfNDAiIHgxPSIzMS44OTM2IiB5MT0iMjIuNzIiIHgyPSIzMS44OTM2IiB5Mj0iNDEuNzYiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj4KPHN0b3Agc3RvcC1jb2xvcj0iIzhDRUFGRiIvPgo8c3RvcCBvZmZzZXQ9IjEiIHN0b3AtY29sb3I9IiM1RERGRkEiLz4KPC9saW5lYXJHcmFkaWVudD4KPGxpbmVhckdyYWRpZW50IGlkPSJwYWludDNfbGluZWFyXzE2MjVfNDAiIHgxPSIyNS43ODg4IiB5MT0iMTMuNDQ0OCIgeDI9IjQ0LjMyMjQiIHkyPSI0NS41NDQ4IiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSI+CjxzdG9wIHN0b3Atb3BhY2l0eT0iMC4xIi8+CjxzdG9wIG9mZnNldD0iMSIgc3RvcC1vcGFjaXR5PSIwLjIiLz4KPC9saW5lYXJHcmFkaWVudD4KPC9kZWZzPgo8L3N2Zz4=
description: "Active Directory as a System of Record"
hostname: "{{Input Required: test.data.com}}"
defaultSyncFrequency: HOURLY
defaultSyncMinInterval: 1
defaultApiCallFrequency: SECONDLY
defaultApiCallMinInterval: 1
type: "LDAP-1.0.0"
# Example Config:
# {
#   "baseDN":"dc=org,dc=example,dc=io",
#   "certificateChain": ". . . base64 encoded certificate chain here . . "
#   "entityConfig": {
#     "User": {
#       "query": "(&(objectCategory=user)(objectClass=user)(distinguishedName=*))"
#     },
#     "Computer": {
#       "query": "(&(objectCategory=computer)(name=*))"
#     },
#     "Group": {
#       "query": "(&(objectCategory=group)(objectClass=group)(distinguishedName=*))"
#     },
#     "GroupMember": {
#       "memberOf": "Group",
#       "collectionAttribute": "distinguishedName",
#       "query": "(&(memberOf={{CollectionId}})(objectCategory=user)(objectClass=user))",
#       "memberUniqueIdAttribute": "objectGUID",
#       "memberOfUniqueIdAttribute": "objectGUID"
#     }
#   },
# }

# Adapter Config Field Info:
# [Required] baseDN (String): Specifies the Base Distinguished Name (DN) for the LDAP directory.

# [Optional/Required] certificateChain (String): Contains the Base64 encoded certificate chain for secure communication with the LDAP server. (if LDAPS)

# [Optional/Required] entityConfig (Object): Configurations for different types of entities within the LDAP directory.

# For more information on LDAP queries: https://ldap.com/ldap-filters/
# [Optional] entityConfig.User (Object): Configuration for user entities.
# [Required] entityConfig.User.query (String): Specifies the LDAP query for retrieving user entities.

# [Optional] entityConfig.Computer (Object): Configuration for computer entities.
# [Required] entityConfig.Computer.query (String): Specifies the LDAP query for retrieving computer entities.

# [Optional] entityConfig.Group (Object): Configuration for group entities.
# [Required] entityConfig.Group.query (String): Specifies the LDAP query for retrieving group entities.

# [Optional] entityConfig.GroupMember (Object): Configuration for group membership entities.
# [Required] entityConfig.GroupMember.memberOf (String): Specifies the group to which the members belong.
# [Required] entityConfig.GroupMember.query (String): Specifies the LDAP query for retrieving group members with {{CollectionID}}.
# [Required] entityConfig.GroupMember.collectionAttribute (String): Specifies attribute name to replate {{CollectionID}}.
# [Required] entityConfig.GroupMember.memberUniqueIdAttribute (String): Specifies the attribute used as a unique identifier for members.
# [Required] entityConfig.GroupMember.memberOfUniqueIdAttribute (String): Specifies the attribute used as a unique identifier for the group.

adapterConfig: "ewogICAgImJhc2VETiI6ICJ7e0lucHV0IFJlcXVpcmVkOiBCYXNlRE59fSIsCiAgICAiY2VydGlmaWNhdGVDaGFpbiI6ICJ7e0lucHV0IFJlcXVpcmVkOiBJZiBMREFQUyBpcyBlbmFibGVkOiBiYXNlNjQgZW5jb2RlZCBjZXJ0aWZpY2F0ZUNoYWlufX0iCn0="
# All auth mechanisms specified below must be supported by the specified Adapter.
auth:
  - basic:
      username: "{{Input Required: Username}}"
      password: "{{Input Required: Password}}"
entities:
  # Reference for Active Directory Schema
  # See: https://learn.microsoft.com/en-us/windows/win32/adschema/active-directory-schema
  User:
    displayName: User
    externalId: User
    description: An entity representing a User in an Active Directory
    pageSize: 100
    pagesOrderedById: false
    attributes:
      - name: objectGUID
        externalId: objectGUID
        description: The objectGUID of the User
        type: String
        indexed: true
        uniqueId: true
        attributeAlias: userGUID
      - name: dn
        externalId: dn
        description: The Distinguished Name (DN) of the user
        type: String
      - name: objectClass
        externalId: objectClass
        type: String
        list: true
      - name: sn
        externalId: sn
        type: String
      - name: givenName
        externalId: givenName
        type: String
      - name: distinguishedName
        externalId: distinguishedName
        type: String
      - name: instanceType
        externalId: instanceType
        type: Int64
      - name: whenCreated
        externalId: whenCreated
        type: DateTime
      - name: whenChanged
        externalId: whenChanged
        type: DateTime
      - name: uSNCreated
        externalId: uSNCreated
        type: Int64
      - name: uSNChanged
        externalId: uSNChanged
        type: Int64
      - name: department
        externalId: department
        type: String
      - name: name
        externalId: name
        type: String
      - name: userAccountControl
        externalId: userAccountControl
        type: Int64
      - name: badPwdCount
        externalId: badPwdCount
        type: Int64
      - name: codePage
        externalId: codePage
        type: Int64
      - name: countryCode
        externalId: countryCode
        type: Int64
      - name: badPasswordTime
        externalId: badPasswordTime
        type: Int64
      - name: lastLogoff
        externalId: lastLogoff
        type: Int64
      - name: lastLogon
        externalId: lastLogon
        type: Int64
      - name: pwdLastSet
        externalId: pwdLastSet
        type: Int64
      - name: primaryGroupID
        externalId: primaryGroupID
        type: Int64
      - name: accountExpires
        externalId: accountExpires
        type: Int64
      - name: logonCount
        externalId: logonCount
        type: Int64
      - name: sAMAccountName
        externalId: sAMAccountName
        type: String
      - name: sAMAccountType
        externalId: sAMAccountType
        type: Int64
      - name: userPrincipalName
        externalId: userPrincipalName
        type: String
      - name: objectCategory
        externalId: objectCategory
        type: String
      - name: dSCorePropagationData
        externalId: dSCorePropagationData
        type: DateTime
      - name: objectSid
        externalId: objectSid
        type: String
  Computer:
    displayName: Computer
    externalId: Computer
    description: An entity representing a Computer in an Active Directory
    pageSize: 100
    pagesOrderedById: false
    attributes:
      - name: objectGUID
        externalId: objectGUID
        description: The objectGUID of the Computer
        type: String
        indexed: true
        uniqueId: true
      - name: dn
        externalId: dn
        description: The Distinguished Name (DN) of the Computer
        type: String
      - name: objectClass
        externalId: objectClass
        type: String
        list: true
      - name: cn
        externalId: cn
        type: String
      - name: givenName
        externalId: givenName
        type: String
      - name: distinguishedName
        externalId: distinguishedName
        type: String
      - name: instanceType
        externalId: instanceType
        type: Int64
      - name: whenCreated
        externalId: whenCreated
        type: DateTime
      - name: whenChanged
        externalId: whenChanged
        type: DateTime
      - name: uSNCreated
        externalId: uSNCreated
        type: Int64
      - name: uSNChanged
        externalId: uSNChanged
        type: Int64
      - name: department
        externalId: department
        type: String
      - name: name
        externalId: name
        type: String
      - name: userAccountControl
        externalId: userAccountControl
        type: Int64
      - name: badPwdCount
        externalId: badPwdCount
        type: Int64
      - name: codePage
        externalId: codePage
        type: Int64
      - name: countryCode
        externalId: countryCode
        type: Int64
      - name: badPasswordTime
        externalId: badPasswordTime
        type: Int64
      - name: lastLogoff
        externalId: lastLogoff
        type: Int64
      - name: lastLogon
        externalId: lastLogon
        type: Int64
      - name: localPolicyFlags
        externalId: localPolicyFlags
        type: Int64
      - name: pwdLastSet
        externalId: pwdLastSet
        type: Int64
      - name: primaryGroupID
        externalId: primaryGroupID
        type: Int64
      - name: accountExpires
        externalId: accountExpires
        type: Int64
      - name: logonCount
        externalId: logonCount
        type: Int64
      - name: sAMAccountName
        externalId: sAMAccountName
        type: String
      - name: sAMAccountType
        externalId: sAMAccountType
        type: Int64
      - name: operatingSystem
        externalId: operatingSystem
        type: String
      - name: operatingSystemVersion
        externalId: operatingSystemVersion
        type: String
      - name: dNSHostName
        externalId: dNSHostName
        type: String
      - name: servicePrincipalName
        externalId: servicePrincipalName
        type: String
        list: true
      - name: objectCategory
        externalId: objectCategory
        type: String
      - name: isCriticalSystemObject
        externalId: isCriticalSystemObject
        type: Bool
      - name: dSCorePropagationData
        externalId: dSCorePropagationData
        type: DateTime
        list: true
      - name: objectSid
        externalId: objectSid
        type: String
      - name: msDSSupportedEncryptionTypes
        externalId: msDS-SupportedEncryptionTypes
        type: Int64
      - name: lastLogonTimestamp
        externalId: lastLogonTimestamp
        type: Int64
  Group:
    description: "An entity representing a Group in an Active Directory"
    displayName: Group
    externalId: Group
    pageSize: 100
    pagesOrderedById: false
    attributes:
      - name: objectGUID
        externalId: objectGUID
        description: The objectGUID of the Group
        type: String
        indexed: true
        uniqueId: true
        attributeAlias: groupGUID
      - name: dn
        externalId: dn
        description: The Distinguished Name (DN) of the group
        type: String
      - name: objectClass
        externalId: objectClass
        type: String
        list: true
      - name: cn
        externalId: cn
        type: String
      - name: description
        externalId: description
        type: String
      - name: distinguishedName
        externalId: distinguishedName
        type: String
      - name: instanceType
        externalId: instanceType
        type: Int64
      - name: whenCreated
        externalId: whenCreated
        type: DateTime
      - name: whenChanged
        externalId: whenChanged
        type: DateTime
      - name: uSNCreated
        externalId: uSNCreated
        type: Int64
      - name: uSNChanged
        externalId: uSNChanged
        type: Int64
      - name: name
        externalId: name
        type: String
      - name: sAMAccountName
        externalId: sAMAccountName
        type: String
      - name: sAMAccountType
        externalId: sAMAccountType
        type: Int64
      - name: groupType
        externalId: groupType
        type: Int64
      - name: objectCategory
        externalId: objectCategory
        type: String
      - name: dSCorePropagationData
        externalId: dSCorePropagationData
        type: DateTime
      - name: objectSid
        externalId: objectSid
        type: String
  GroupMember:
    description: "Group Member Entity in Active Directory"
    displayName: GroupMember
    externalId: GroupMember
    pageSize: 100
    pagesOrderedById: false
    attributes:
      - name: id
        externalId: id
        type: String
        indexed: true
        uniqueId: true
      - name: group_objectGUID
        externalId: group_objectGUID
        type: String
        indexed: true
      - name: member_objectGUID
        externalId: member_objectGUID
        type: String
        indexed: true

relationships:
  UserMember:
    name: Member
    displayName: User Member
    fromAttribute: GroupMember.member_objectGUID
    toAttribute: userGUID
  GroupMember:
    name: Member
    displayName: Group Member
    fromAttribute: GroupMember.member_objectGUID
    toAttribute: groupGUID
  MemberOf:
    name: MemberOf
    displayName: Member Of
    fromAttribute: GroupMember.group_objectGUID
    toAttribute: groupGUID
  UserMemberGroup:
    name: Group
    displayName: User Member Group
    path:
      - relationship: UserMember
        direction: Backward
      - relationship: MemberOf
        direction: Forward
  GroupMemberGroup:
    name: Group
    displayName: Group Member Group
    path:
      - relationship: GroupMember
        direction: Backward
      - relationship: MemberOf
        direction: Forward