Configuring the ILST

This article will teach you how to configure the ILST to sync users from one or more LDAP-supported data sources (e.g.,  Microsoft Active Directory, Azure AD) to your digital workplace. If you don't know what the ILST is, please see the Igloo LDAP Sync Tool (ILST) article to learn more about the ILST's purpose and functions.

For more information about the ILST config.xml file, see ILST configuration reference guide.

Sections in this article: 

Set up requirements

To set up the ILST, you will need:

  • The latest version of the ILST (Download the ILST).  
  • An administrator, or a qualified IT team member, of your LDAP-supported data sources.
  • The administrator of your digital workplace.

How to configure the ILST

To configure the ILST, you will edit the config.xml file found in the same directory as the ILST.

The ILST configuration process has 3 phases:

  • Phase 1: Configure the LDAP-supported data source(s) and Igloo connections
  • Phase 2: Configure the <UserAccount> section to query for users and sync profile attributes
  • Phase 3: Configure the <Group> sections to sync groups of users from your LDAP-supported data source(s) to your digital workplace

You do not need to complete all three phases at once and can pause between phases. For example, you don't need to have all of your groups mapped out (Phase 3) before setting up your LDAP-supported data sources and Igloo connections (Phase 1). Work with your digital workplace administrators and business owners to determine what information to sync from your LDAP-supported data sources to your digital workplace in each phase.

Note:

After each phase:

  1. Test the ILST by running it in Test Mode. For more information, see Running the ILST in test mode.
  2. Verify that the ILST has run all the way through. A complete log will have a summary of actions at the bottom and a total run time.
  3. Verify that there are no errors by checking the Errors summary. An error has occurred if the log does not end with a summary.
  4. If an error has occurred that you cannot resolve, submit a ticket to Igloo Support. For more information, see the Submitting ILST tickets section below.

Phase 1: Configure the LDAP-supported data sources and Igloo connections

Prerequisites:

  • Administrator access to your digital workplace or the assistance of someone with administrator access.
  • Download the ILST

Phase 2: Configure the <UserAccount> section to query for users and sync profile attributes

Prerequisites:

  • Consult your digital workplace administrator and business owners to identify which users and profile fields to sync to your digital workplace. 
  • If your digital workplace uses Premium Profiles, the Premium Profiles need to be applied to your digital workplace.

Phase 3: Configure the <Group> sections to sync groups of users from your LDAP-supported data sources to your digital workplace

Prerequisites:

  • Consult your digital workplace administrator and business owners to identify which user groups need to be set up in your digital workplace.
  • It is helpful to initially sync a couple of groups for testing and then sync the rest once those few are working.

Phase 4: Document the ILST for business continuity

Documenting your organization's ILST installation is essential to ensure business continuity. We recommend documenting the following:

  • The computer that runs the ILST and what is the ILST's folder location
  • The accounts being used with the ILST and their credentials.
  • Connection information for your LDAP Directory (firewall and access rules)
  • Who is responsible for maintaining the ILST
  • Any ILST-related processes that you have in your organization

Additionally, you can submit a ticket to Igloo Support to store this information with Igloo. Support agents can access it to facilitate quicker troubleshooting and smoother maintenance of the ILST. Do not provide any account passwords to Igloo Support. 

ILST command-line arguments

You can use the following command-line arguments when running the ILST:

Argument Description
-pictures

This argument allows the ILST to sync pictures from an on-prem Microsoft Active Directory to your digital workplace. It does not support other LDAP-supported data sources.

encrypt

Encrypts the passwords stored in <CommunityAPI> <PasswordEncrypted> and <Connection> <PasswordEncrypted>.
Available command-line arguments

Submitting ILST tickets

Only the most recent version of the ILST is supported. Ensure you run the latest version (4.0.1.0) before reporting any issues to Igloo Support.

Include the following information in your ticket:

  • Indicate that you are working on configuring ILST
  • Attach your ILST.log file. Ensure that your log level is set to Trace. For more information, see Changing how the ILST logs events.
  • Include the email addresses and CNs of any users you have questions about
  • Attach screenshots of any command-line console errors you are seeing.

To troubleshoot ILST issues, refer to the following:

Additional resources

For additional ILST documentation, refer to the following: