Introduction/Summary: 

How to sync the AD-department with users in CA Service Catalog through the ldapimporter utility.

Background:  

How to sync not only the user's information from AD(ldap) but also the department, extension with Service catalog?

To be able to get this data (e.g. department) visible on a field in a Catalog-Form with the java-value-function $(_.user.xxxx).

Environment:  

CA Service Catalog on Windows.

Instructions: 

To get the department visible for a user, it needs to be synchronized between AD and the ca_contact table.

The ldapimporter utility is the utility to sync AD-data with the ca_contact table in the mdb database.

However, the ldapimporter only populates the user-data in the ca_contact table from the AD/LDAP.

To get the department synchronized too, a workaround is needed.

We use the user's column 'description' (in the ca_contact table) to hold the 'department'-value.

To import the department from the AD into the ca_contact table, set/change the below in the ldapimporter<server>.properties file:

LDAP.User.MicrosoftAD.Mapping = ca_userName = sAMAccountName \n ca_firstName = givenName \n ca_lastName = sn

.....

\n ca_description = department.

In the AD-UI set the Organization/Department for a user.

And then execute "ldapimporter.bat ldapimporter<server>.properties" to sync ca_contact with AD/LDAP on this field.

The ca_contact table and it's 'comments' column then show the value of the department as in AD.

Then follow the below procedure to get the department visible in the CA Service Catalog Form.

On the form in the SC-UI, add a 'Text Field' component.

Next, for this field, look for the attribute with name='value'.

And then set this attribute's value to $(_.user.description).

After this, field on the form, shows the department info then too.