Active Directory and LDAP can be leveraged to enable automated importation of a staff list into VisitorRego.

Active Directory integration is intended for a system administrator or IT specialist to set up. Knowledge of how your Active Directory is structured to pull the correct information is required. Please contact your system administrator for assistance in setting up this feature.

If the VisitorRego unit is not connected to your network, an AD update utility can be used on a machine or server that is domain connected. The utility retrieves Active Directory user information for specified queries and sends the data to the VisitorRego remote API or an SQL database depending on how it is configured. The AD update utility can also be configured to retrieve user information from a CSV file.

VisitorRego now has a new process in place for loading staff from your Active Directory if the unit itself is not on your network. The new process uses a PowerShell script which retrieves Active Directory user information for specified queries and sends the data to the VisitorRego remote API. The script process has improved encryption and can work with Azure Active Directory. We recommend using the script instead of the AD Update utility. Please see here for more information on the PowerShell script.

If the VisitorRego unit itself is authenticated against your domain or connected to your network, please see here for information on AD integration through the software itself.

ADUpdate Information and Configuration Options

To use the ADUpdate utility, the machine or server you are using to run the program will need to be able to communicate with both your Active Directory, and the VisitorRego Facilities server or database depending on how it is configured.

The utility ADUpdate.exe and command file can be obtained by contacting the VisitorRego support team.

ADUpdate can be configured in a number of ways:

Read from AD and write staff details to the VisitorRego Facilities Server
ADUpdate is run on a machine or server that is domain connected (so it can read AD) and is able to write to the VisitorRego Facilities server (https://facilities.visitorrego.com/). The VisitorRego unit synchronises with the Facilities server to refresh the locally held staff list.

Read from AD and write staff details to the VisitorRego SQL database
ADUpdate is run on a machine or server that is domain connected (so it can read AD) and is able to write to the VisitorRego SQL database.

Read from a CSV file and write staff details to the VisitorRego Facilities Server
ADUpdate reads a CSV file at a specific location and writes to the VisitorRego Facilities server (https://facilities.visitorrego.com/). Your system administrator or IT specialist would need to write a process to create a CSV file which needs columns in a specific order. The VisitorRego unit synchronises with the Facilities server to refresh the locally held staff list.

Read from a CSV file and write staff details to the VisitorRego SQL database
ADUpdate reads a CSV file at a specific location and writes to the VisitorRego SQL database. Your system administrator or IT specialist would need to write a process to create a CSV file which needs columns in a specific order.

Understanding the Parameters that ADUpdate Accepts

A batch script is used with ADUpdate which looks at specific parameters to load staff. The batch script is a .cmd file typically named ADUpdate_Facilities.cmd. Please contact the VisitorRego support team for a copy of this file.

If you edit the .cmd file with Notepad, you will see the following parameters that ADUpdate accepts:

"C:\Program Files (x86)\VisitorRego.NET\ADUpdate.exe"
Specifies the location path of ADUpdate.exe.

SiteID=
This is the SiteID that staff will be loaded into. SiteID "0" is the Site where in a multi-site database, all staff are loaded and referenced by all sites - Load Staff Across All Sites. If you are loading to a specific site then you need to know the SiteID from the site table in the database.

ADDomain=
Specifies the name of the AD domain (e.g. dc=visitorrego,dc=co,dc=nz). You can also include ou’s.

LDAPQ=
Specifies the LDAP query (e.g. (objectClass=user)).

FACILITIES=
YES= specifies that you are writing staff to the Facilities server.

FACILITIESSERVER=
Specifies the facilities server URL https://facilities.visitorrego.com/.

UIDKEY=
Specifies your site specific unique identification key. Please contact the VisitorRego support team for this.

DELETE=
YES= when finished loading staff, delete any staff records that haven't been updated. This allows you to run ADUpdate any number of times with "DELETE=NO"; then on the last run specify "DELETE=YES" to delete staff that are no longer in the Active Directory.

LOGGING=
YES= writes logging information to the Windows Application log file.

PROXYSERVERURI=
Specifies the proxy server network URI (if applicable).

PROXYSERVERUSER=
Specifies the proxy server user name credentials (if applicable).

PROXYSERVERPASSWORD=
Specifies the proxy server password credentials (if applicable).

PROXYSERVERDOMAIN=
Specifies the proxy server domain (if applicable).

Using ADUpdate

In this section we list the steps for using ADUpdate to read from AD and write staff details to the VisitorRego Facilities server.

Follow the steps below to configure and run ADUpdate from a domain connected machine or server:

1. Have ADUpdate.exe present on the machine you will be running it on in a specific folder (e.g. C:\ADUpdate\).
   
2. Copy the file VRObj.dll from the VisitorRego.NET folder on the VisitorRego unit to the same folder as ADUpdate.exe. You can find VRObj.dll at C:\Program Files (x86)\VisitorRego.NET.
   
3. Obtain your site specific unique identification key (UIDKEY) by contacting the VisitorRego support team.
   
4. Obtain your site ID (SiteID) from the VisitorRego SQL database dbo.Site table.
   
5. Obtain the ADUpdate_Facilities.cmd file. Please contact the VisitorRego support team for this.
   
6. Edit the ADUpdate_Facilities.cmd file using Notepad.
   
7. Replace "C:\Program Files (x86)\VisitorRego.NET\ADUpdate.exe" to the location path of ADUpdate.exe.
   
8. Replace the "SiteID=1" number with your site ID. SiteID = 0 loads from all sites, if you only have one site, then SiteID = 1 would suffice.
   
9. Replace "ADDomain=dc=visitorrego,dc=co,dc=nz" and "LDAPQ=(objectClass=user)" with your specified Domain and LDAP Query.
   
10. Replace "UIDKEY=AAAAA-AAAAA-AAAAA-AAAAA-AAAAA" with your site key.
    
11. Save the file.
    
12. Run the ADUpdate_Facilities.cmd file to begin the staff load process.

Automating the Load Using Task Scheduler

Once you are able to load staff successfully using ADUpdate you can automate the process as a background task using Windows Task Scheduler. Follow the steps below to do this:

1. Open Windows Task Scheduler.
   
2. Click the Action menu, then click Create Basic Task.
   
3. In the Name field, type a short descriptive name for the task. For example, ADUpdate.
   
4. Click the Next button.
   
5. Select the frequency on when you want the task to start.
   
6. Click the Next button.
   
7. Using the Start settings, specify when the task should start running and the time.
   
8. Click the Next button.
   
9. Select the Start a program option to launch an app, run a command, or execute a script file.
   
10. In the "Program/script" field, specify the path of the ADUpdate_Facilities.cmd file.
    
11. Click the Finish button.
    

Once you've completed the steps, the task will be saved, and it'll run automatically on the schedule you specified.