LDAP, Active directory, Azure AD, OKTA AD, SSO integrations, user groups, permissions, end-user, admin and, company entity
- 23 Posts
- 38 Replies
There are numerous options in Level 1 Category. Easy option is its own Helpdesk and associated group. Members of other groups are able to assign their open tickets to our group, the IT team. We want to prevent that. Reading other posts regarding this topic, there was this related link:https://community.sysaid.com/help-page.htm?helpPageId=4218 I went through it and the current settings we have, it doesn’t to be clear that an Administrator can create/modify tickets in their own group only or any group. Any help with this would be appreciated. CheersSuneil
Is there a way to manually disable users imported from LDAP? We’ve reached our license limit of users and now its disabling users that need to be enabled. We have some users that don’t need to be enabled but when we click disable for those users it doesn’t disable them.
Hello. We are having an issue with our LDAP sync. Until recently, it was importing correctly. However, now when the LDAP integration process runs it does not import the firstName of our new users. It also wipes out the first names of the users that were already in the system. We haven’t changed anything within our AD structure nor have we made any changes to our LDAP integration. Any ideas why this would be happening? As a test I manually entered the first names of some of our users and after the next run the names had been removed again.
Do disabled administrators still consume a license?We have a number of administrators that have left the company. I would like to reallocate their licenses to new admins, but I don’t want to transfer all tickets over to the new admins. Its useful for us to see the history of a user and which administrator assisted them in the past, even if the admin no longer works for us.I have set the old admins to Disabled, but licenses still show as allocated.What is the best way forward?Should I convert the old admins to users, and can I do so without losing the history of tickets they were assigned to? Can I just add new admins and accept that the system knows disabled admins aren’t actually licensed agents?
Greetings!We are running on prem Build Numberv21.4.45 b17I have two administrators that we have disabled in our AD environment. We have our SysAid integrated with AD, and have verified integration is working with end users.However these two administrator accounts in our SysAid environment are still active and cannot set them to disabled either by syncing, or manually setting them to disabled.Any thoughts on this?Thanks for the help!-Evan
Did you catch the news? Gmail announced it will no longer support SMTP protocol for free accounts and is expecting to roll this out for paid accounts at a later date. Now’s a great time to get ahead of this and make the transition to the more secure and updated protocol of OAuth 2.0.Setup of the new email integration is simple: 1. In SysAid, go to: Settings > Integration > Email.2. Click the Create New button, and follow the instructions in this Google Email Integration with OAuth 2.0 Guide.3. Test and verify the new integration: Send manual email, reply from tickets and take actions that trigger automatic notification.To disable the SMTP integration [see screenshot below]:In SysAid, go to: Settings > Integration  > Email .1. Choose the SMTP integration list item and uncheck:2. Select the Outgoing Email tab 3. Uncheck Enable outgoing email4. Click Apply .5. Select the Incoming Email tab 6. Uncheck Enable incoming email7. Click Apply .Act today and avoid th
Hello Support, We created a new user account a few weeks ago, however the user has yet to sync from LDAP to SysAid. The user is in the correct OU, and the Sysaid integration portal has established a connection. We've set the Sync setting to run every day. Please advise. thank you,
Hello, We have recently setup SysAid and I am trying to configure the app. If I login with the generic sysaid user everything works fine but if I login using my personal credentials or indeed any credentials that were imported using the LDAP plugin it will not work. I get the following error— Of course, I've tried my password several times, I've tried different LDAP users, I've tried different formats for my username (e.g. DOMAIN\username, firstname.lastname@example.org, DOMAIN\\username, domain\UserName, etc) but nothing seems to want to let me in except the user that was created directly on the system rather than imported. I have checked that the users in question have the phone app permission turned on as well. Does anyone here use the Android App with users imported from Active Directory? What format does your login take? Thanks.
When our SysAdmins are working with an end-user team, we typically get multiple people from that team submitting tickets. Sometimes, they want the ability to view the status of their teammates tickets. Currently, the only end-users that can see the status of a ticket are the "Submit User" and "Request User" It would be nice for an "End-User Group" to be able to see the statuses of tickets in a particular category or sub-category of tickets.
So we have an issue with our sysaid helpdesk LDAP integration. We use sysaid's password reset portal service with it's native text provider and it works great. The only problem is our LDAP connection overwrites the number a end user puts in themselves in the self service portal with the number in AD, so I was wondering if we could have a LDAP connection made to sync data both ways. Essentially my current idea is to have a second similar LDAP config that only syncs phone numbers both ways. Is this possible? Also, is there a better way? Any help would be appreciated. Thanks, Kyler C.
I attempted to find best practices or similar questions in the forums and documentation but couldn't immediately find it. We have a large amount of end users for a "Domain" "Company" (whatever you want to call it) that we no longer provide service to. Those end users originally we brought in via LDAP integration. Disabling them all seems like something I should do ... right? Deleting them seems like it will break their ticket history? I'm pretty new to SysAid Administration, and I don't have a colleague who knows more about SysAid to lean on. Not asking you to solve my problem for me, Just point me to the right Best Practices Documentation for this kind of situation, or the risks, rewards, for disabling/deleting these end users.
We are having so many issues with our OnPremise installation, that we want to try a clean installation and see if this will help us. (it is after all and upgrade on upgrade since version. 3) But already at the LDAP integration I stumple upon my first issue... Why cant I enter credentials like I used to (it used to be text-fields, but now a drop down) https://ibb.co/CVjv8y7
Hello! I have a picture that I should paint first. We are a large group of schools with a centralised Helpdesk and each school is set as a company within Sysaid. Staff are brought in via LDAP and mapped to their relevant company, students will soon be following suit. Our default method of users logging calls is via email integration, so when a user emails the inbox, it will generate a service request, raised by the user and assigned to their respective company. This company assignment is important to us for SLA data. Due to the pandemic, remote learning and the fact we are mass issuing devices out to students, we have decided to allow parents of the students the ability of emailing the Sysaid platform to raise a request, but obviously as they are not 'users' of Sysaid, the request isn't assigned to a company, nor is the user a Sysaid user. I have used the secondary email field on a student user record to add a 'third party' email address, but it won't create a record on behalf
Hello there, I have some weird issue, I am seeing in syslog, many attempts to authenticate with my network servers, with a "sysaidinternal" user account, I don't have such account in my AD, and I have credentials for LDAP and for Agent deployment in sysaid configuration. What is the cause of this?
Hello friends, I have a problem, it happens that when tickets are generated by sending emails, these tickets have as the user the X500 address of the email account, attached a photo, the sysaid support indicates that the user is not in the GAL, but I confirm with the email support of my company, and they tell me that the account that presents this problem is in the GAL, someone who can help me with this please thabks
A supervisor in my organization noticed that he sees all the tickets for people in his department, including his own bosses. I checked our AD, and he only has six direct reports listed. It begs the question, where is SysAid pulling the information about who is under his supervision during an LDAP sync? Can it be configured t only show his direct reports under Supervised Tickets in the Self-Service Portal? Thanks for any advice you can offer.
Hey guys, Great news! After vigorous testing, we’re ready to release the SysAid 20.1.11 On-Premise version, which includes enhancements to the Automate Joe service orchestration module and the Jira add-on, group permissions for Dashboard views, an audit log summary for each LDAP refresh, and more helpful features. For a quick overview of what’s new in the UI, check out the release candidate. We’ll be rolling out this release in multiple batches throughout the next 2 weeks. If you’re an On-Prem customer, check your email for download link during this period. As a special perk for community users, you can avoid the wait and download the update right now! If you’re interested, use this link. Enjoy!
Hello. We use IMAP integration with Microsoft Exchange Online. It seems it will be neccessary to use OAuth 2.0 since October 13th 2020 for IMAP. In which versions of Sysaid is the OAuth 2.0 authentication available for IMAP? The following is a notification e-mail from Misrosoft informing about the upcoming change. Thank you. ---- Basic Authentication Retirement for legacy protocols in Exchange Online Major update: Announcement started Applied To: All customers Beginning October 13, 2020, we will retire Basic Authentication for EWS, EAS, IMAP, POP and RPS to access Exchange Online. Note: this change does not impact SMTP AUTH. There are several actions that you and/or your users can take to avoid service disruptions on client applications, and we describe them below. If no action is taken, client applications using Basic Authentication for EWS will be retired on October 13, 2020. https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Upcoming-changes-to-Exchange-Web-Services-EW
Simple issue here (I think). We use LDAP integration for SysAid. We had users imported from LDAP. Worked fine. I created a new OU in Active Directory. I moved the user accounts previously imported to the new OU. I added a new user root setup in the LDAP integration page to scan for users in the new OU. Will Sysaid be smart enough to know that it has previously imported the users it finds in the new OU, or will it see them as new users because it finds them in the new OU creating duplicate users? Not using sub-OU scanning tick box. Also, I have the LDAP integration scan set to run daily. How can I manually run this scan to immediately add new users? Thanks in advance for the help.
Login to the community
Login with SSOLogin with oauth
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.