User Management

Hi Everyone,I could use some help with our Google User Repository. I am having a SUPER tough time wrapping my head around how the logic behind the Google User Repository works, especially in conjunction with the Importing Groups feature AND the filtering available when the import groups feature is enabled. No matter what way I initially set the user repository up I wasn’t going to bother with the groups feature. When I was using that way to import ALL of my users were coming into Sysaid from Google despite their Suspended or Active status in Google. So I tried checking the box that says “import active users only” and that didn’t seem to have any effect on the import.So then I got the groups importing. In Google I have 2 dynamic groups. One called active-users, and another one called suspended-users. I was hoping to use one of those as the group to use for importing. But then it also had imported ALL of the Google Groups. Should I just delete my entire user base and group that were impo

We are in the process of switching from using a traditional Active Directory with an Onsite Exchange Server as our RDS source to a Microsoft 365 Cloud environment including Cloud based Exchange (or whatever they call it now) and I was wondering if anyone had a good guide for that or at least just suggestions.I guess I am looking for any pitfalls I need to be aware of.  Any feedback would be appreciated.

I am attempting to set up our SSP so that supervisors can see tickets from their direct reports and not from other staff.  How do I do this?

When our SysAdmins are working with an end-user team, we typically get multiple people from that team submitting tickets. Sometimes, they want the ability to view the status of their teammates tickets. Currently, the only end-users that can see the status of a ticket are the "Submit User" and "Request User" It would be nice for an "End-User Group" to be able to see the statuses of tickets in a particular category or sub-category of tickets.

Is there a way to allow end users the ability to edit tickets from the self service portal. Our HR team options has to alter start date, equipment needs and I need to allow the ability to alter fields. 

There are numerous options in Level 1 Category. Easy option is its own Helpdesk and associated group. Members of other groups are able to assign their open tickets to our group, the IT team. We want to prevent that.  Reading other posts regarding this topic, there was this related link:https://community.sysaid.com/help-page.htm?helpPageId=4218 I went through it and the current settings we have, it doesn’t to be clear that an Administrator can create/modify tickets in their own group only or any group. Any help with this would be appreciated.   CheersSuneil

Is there a way to manually disable users imported from LDAP? We’ve reached our license limit of users and now its disabling users that need to be enabled. We have some users that don’t need to be enabled but when we click disable for those users it doesn’t disable them. 

Hello. We are having an issue with our LDAP sync. Until recently, it was importing correctly. However, now when the LDAP integration process runs it does not import the firstName of our new users. It also wipes out the first names of the users that were already in the system. We haven’t changed anything within our AD structure nor have we made any changes to our LDAP integration. Any ideas why this would be happening? As a test I manually entered the first names of some of our users and after the next run the names had been removed again.

Do disabled administrators still consume a license?We have a number of administrators that have left the company. I would like to reallocate their licenses to new admins, but I don’t want to transfer all tickets over to the new admins. Its useful for us to see the history of a user and which administrator assisted them in the past, even if the admin no longer works for us.I have set the old admins to Disabled, but licenses still show as allocated.What is the best way forward?Should I convert the old admins to users, and can I do so without losing the history of tickets they were assigned to? Can I just add new admins and accept that the system knows disabled admins aren’t actually licensed agents?

Greetings!We are running on prem Build Numberv21.4.45 b17I have two administrators that we have disabled in our AD environment.  We have our SysAid integrated with AD, and have verified integration is working with end users.However these two administrator accounts in our SysAid environment are still active and cannot set them to disabled either by syncing, or manually setting them to disabled.Any thoughts on this?Thanks for the help!-Evan 

Did you catch the news? Gmail announced it will no longer support SMTP protocol for free accounts and is expecting to roll this out for paid accounts at a later date. Now’s a great time to get ahead of this and make the transition to the more secure and updated protocol of OAuth 2.0.Setup of the new email integration is simple: 1. In SysAid, go to: Settings > Integration > Email.2. Click the Create New button, and follow the instructions in this Google Email Integration with OAuth 2.0 Guide.3. Test and verify the new integration: Send manual email, reply from tickets and take actions that trigger automatic notification.To disable the SMTP integration [see screenshot below]:In SysAid, go to: Settings > Integration [1] > Email [2].1. Choose the SMTP integration list item and uncheck:2. Select the Outgoing Email tab [3]3. Uncheck Enable outgoing email4. Click Apply [5].5. Select the Incoming Email tab [4]6. Uncheck Enable incoming email7. Click Apply [5].Act today and avoid th

Hello Support, We created a new user account a few weeks ago, however the user has yet to sync from LDAP to SysAid. The user is in the correct OU, and the Sysaid integration portal has established a connection. We've set the Sync setting to run every day. Please advise. thank you,

Hello, We have recently setup SysAid and I am trying to configure the app. If I login with the generic sysaid user everything works fine but if I login using my personal credentials or indeed any credentials that were imported using the LDAP plugin it will not work. I get the following error— Of course, I've tried my password several times, I've tried different LDAP users, I've tried different formats for my username (e.g. DOMAIN\username, username@domain.com, DOMAIN\\username, domain\UserName, etc) but nothing seems to want to let me in except the user that was created directly on the system rather than imported. I have checked that the users in question have the phone app permission turned on as well. Does anyone here use the Android App with users imported from Active Directory? What format does your login take? Thanks.

Hi, My installation send mail through an office 365 account, protocol oauth 2.0. Build v20.4.74 b10 To receive mails with attachment works fine, but if I try to send a mail with an attachment is impossible, only text mails. Anyone has similar problem? Thanks.

So we have an issue with our sysaid helpdesk LDAP integration. We use sysaid's password reset portal service with it's native text provider and it works great. The only problem is our LDAP connection overwrites the number a end user puts in themselves in the self service portal with the number in AD, so I was wondering if we could have a LDAP connection made to sync data both ways. Essentially my current idea is to have a second similar LDAP config that only syncs phone numbers both ways. Is this possible? Also, is there a better way? Any help would be appreciated. Thanks, Kyler C.

I attempted to find best practices or similar questions in the forums and documentation but couldn't immediately find it. We have a large amount of end users for a "Domain" "Company" (whatever you want to call it) that we no longer provide service to. Those end users originally we brought in via LDAP integration. Disabling them all seems like something I should do ... right? Deleting them seems like it will break their ticket history? I'm pretty new to SysAid Administration, and I don't have a colleague who knows more about SysAid to lean on. Not asking you to solve my problem for me, Just point me to the right Best Practices Documentation for this kind of situation, or the risks, rewards, for disabling/deleting these end users.

We are having so many issues with our OnPremise installation, that we want to try a clean installation and see if this will help us. (it is after all and upgrade on upgrade since version. 3) But already at the LDAP integration I stumple upon my first issue... Why cant I enter credentials like I used to (it used to be text-fields, but now a drop down) https://ibb.co/CVjv8y7

Hello! I have a picture that I should paint first. We are a large group of schools with a centralised Helpdesk and each school is set as a company within Sysaid. Staff are brought in via LDAP and mapped to their relevant company, students will soon be following suit. Our default method of users logging calls is via email integration, so when a user emails the inbox, it will generate a service request, raised by the user and assigned to their respective company. This company assignment is important to us for SLA data. Due to the pandemic, remote learning and the fact we are mass issuing devices out to students, we have decided to allow parents of the students the ability of emailing the Sysaid platform to raise a request, but obviously as they are not 'users' of Sysaid, the request isn't assigned to a company, nor is the user a Sysaid user. I have used the secondary email field on a student user record to add a 'third party' email address, but it won't create a record on behalf

Hello there, I have some weird issue, I am seeing in syslog, many attempts to authenticate with my network servers, with a "sysaidinternal" user account, I don't have such account in my AD, and I have credentials for LDAP and for Agent deployment in sysaid configuration. What is the cause of this?

Hello friends, I have a problem, it happens that when tickets are generated by sending emails, these tickets have as the user the X500 address of the email account, attached a photo, the sysaid support indicates that the user is not in the GAL, but I confirm with the email support of my company, and they tell me that the account that presents this problem is in the GAL, someone who can help me with this please thabks

Hey guys, We wants to integrate your app with ours, found Non-OAuth connection documents but unable to find OAuth connection document. It will be great and helpful if OAuth user connection detail document is shared. Looking for your support. Thanks!

A supervisor in my organization noticed that he sees all the tickets for people in his department, including his own bosses. I checked our AD, and he only has six direct reports listed. It begs the question, where is SysAid pulling the information about who is under his supervision during an LDAP sync? Can it be configured t only show his direct reports under Supervised Tickets in the Self-Service Portal? Thanks for any advice you can offer.

Hello, Today we bring our LDAP active directory by just selecting some OU. We would not want to import users whose "first names" field is empty. Thank you for your help. Nicolas

Hey guys, Great news! After vigorous testing, we’re ready to release the SysAid 20.1.11 On-Premise version, which includes enhancements to the Automate Joe service orchestration module and the Jira add-on, group permissions for Dashboard views, an audit log summary for each LDAP refresh, and more helpful features. For a quick overview of what’s new in the UI, check out the release candidate. We’ll be rolling out this release in multiple batches throughout the next 2 weeks. If you’re an On-Prem customer, check your email for download link during this period. As a special perk for community users, you can avoid the wait and download the update right now! If you’re interested, use this link. Enjoy!

Microsoft is recommending security changes in LDAP and I wanted to see if Sysaid can handle this change. https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows