Enriching IT Glue Contacts with Active Directory user data

This article explains how Active Directory (AD) data collected by Network Glue can help create new IT Glue Contacts, or enrich existing contacts by automatically matching them to AD information. This allows you to easily automate and manage all of your AD user documentation directly within IT Glue.

Prerequisites

You must have enabled Active Directory during the initial setup of the Network Glue Collector. For more details on this, please refer to our Setting up Network Glue for an IT Glue organization KB article.

Field display logic

AD Data Field	IT Glue Field	Comments
First Name	First Name	N/A
Last Name	Last Name	N/A
Title	Title	N/A
N/A	Email Type	To automatically push contacts created from AD data to your PSA, select an Email Type in the PSA Sync Settings page. Refer to the instructions in the next section of this KB. Otherwise, all contacts will be created with "AD Email" type
Email	Email	N/A
N/A	Phone Type	To automatically push contacts created from AD data to your PSA, select a Phone Type in the PSA Sync Settings page. Refer to the instructions in the next section of this KB. Otherwise all contacts will be created with "AD Phone" type.
Phone	Phone	N/A
AD Status	No field	Existing or newly-created contacts will be enriched with these additional fields.
Last Logon	No field
Last Password	No field
Password Expires	No field

Matching logic

Contacts will be automatically matched using the Email address field. If the email address is not found, then the auto-match will use the First name and Last name fields.

Enabling on-premise Active Directory users

Navigate to Account > Network Glue.
Click on an existing Network Glue Collector link and click Edit.

NOTE : If you are creating a new Network Glue Collector, click +New and add required details in the Network Information tab.

Click on the Active Directory tab.
Enable the Scan Active Directory toggle switch (displays a tick mark when it is ON). By default, Network Glue Collector will leverage Active Directory to detect additional information.
Enter the following information:
1. Domain Controller Hostname
2. Admin User FQDN (read-only access required)
3. Admin Password (read-only access required)
  Note: Information for the above three fields are mandatory.
4. Active Directory Users - Select the user types (Active, Disabled) that you want to sync to IT Glue. You can further select whether you want to select all disabled users, or only disabled users from a specific last logon date using the calendar picker.
5. Click Save

To turn off this feature, toggle the switch back to OFF.

Configuring two-way sync settings for contacts created from AD data

To automatically push newly-created contacts from on-premise or hybrid AD data, you will need to configure the two-way sync settings and contact attributes on your PSA Sync Settings page. These configurations ensure that newly-created contacts will have the correct email and phone type to be eligible for two-way sync. If they are not configured, the email and phone type fields will simply apply “AD Email” and “AD Phone” attributes instead which may not be eligible for the two-way sync which automatically pushes data.

In IT Glue, navigate to Account > Integrations > [Your PSA]. Click the Actions drop-down menu and select Sync Settings.
Click the Two-Way Sync Settings tab, select the Enable two-way sync checkbox, and select the Email Type and Phone Type from their respective drop-down menus.
Click Save.

After you turn on two-way sync, any updates that are made to mapped fields will automatically push to your PSA.

NOTE

If you had existing Organizations, Configurations, Contacts, or Locations populated in your PSA that also exist in IT Glue, you must edit and save each asset individually to trigger the Enabling two-way sync. Enabling the two-way sync alone will not automatically push these assets.
If you are switching PSAs or adopting one for the first time, you can complete a one-time push to have all your IT Glue data synced at once. As IT Glue is your single source of truth, this push allows you to quickly sync all your well-documented assets in one go rather than having to manually edit, save, and push each one before completing a sync. Refer to our Pushing All Syncable Assets to PSA article for more details.

Collecting Active Directory data

All AD users are collected via AD credentials from on-premise or hybrid AD environments, so if the same credentials are used on multiple collectors, Network Glue will add this data to every Contact Matching page per collector. However, since the data is the same, every matching action that is performed on one Contact Matching page will be reflected on all other Contact Matching pages where the same data appears.

This means that if you have installed multiple collectors per organization to identify multiple subnets, your AD users will not be duplicated even if the AD credentials used are the same. AD users are collected by Network Glue installed per subnet per organization. AD data will only enrich existing IT Glue Contacts if you have provided your AD credentials. If you have not done so, the Contact Matching page will remain empty and display a “No Active Directory users were found as AD credentials were not specified” message.

Contact Matching page

After the Network Glue Collector has completed the scan, navigate to the Contact Matching page (Account > Network Glue > Contact Matching). This table will display the AD user’s name, email, and status.
- If you have not yet provided your AD credentials, then this page will be empty. Add the credentials to populate this page.
On this page, you can view, filter, and search a list of Unmatched, Matched, and Ignored contacts by clicking each of the three categories.
- Unmatched list - Displays unmatched AD users that were synced from Network Glue data. You can choose to manually match these contacts if desired. This page also displays any AD user that was either matched or created but then deleted.
- Matched list - Displays AD users that were automatically matched to an existing IT Glue Contact or were created as contacts in IT Glue.
- Ignored list - Displays AD users that were purposefully ignored and should no longer be used.
  NOTE If the entire Network Glue Collector is deleted, the Contact Matching page and all associated matching relationships for the data will also be deleted from Network Glue.

Contact show page

If a contact is created from Network Glue data and matches your PSA’s sync requirements, then a PSA badge icon will appear on the Contact show page.

Four new overlay fields will be displayed: AD Status, Last Logon, Password Expires, and Last Password Reset.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.