Default language.

Importing Salesforce Platform license users with assigned permission sets from an LDAP server


You can import users into your Salesforce organization by using the Pentaho Data Integration tool. The Pentaho package for importing Salesforce Platform license users with assigned permission sets from an LDAP server is available on the BMC Communities website.

By using the LDAP Pentaho package, you can import users who are assigned the Salesforce Platform license and ServiceDesk Client permission set by default. The

BMC Helix Remedyforce

package license is also assigned to the new imported users. For information about how users are imported into your Salesforce organization, see Overview-of-how-users-are-imported-from-LDAP-servers.

The following topics provide information about importing Salesforce Platform license users with assigned permission sets from an LDAP server into your Salesforce organization:

Note

For information about the LDAP versions that

BMC Helix Remedyforce

supports, see Supported-browsers-mobile-devices-and-integrations.

Before you begin

Before you can import users from an LDAP server, you must perform the following tasks:

To import Salesforce Platform license users with assigned permission sets from an LDAP server

You cannot assign a permission set to an existing user by using this Pentaho package. Instead, you can use the KTR file provided in the InsertPermissions folder. For more information, see To assign permission sets to existing users by using a KTR file.

Best practice
We recommend that you do not change the default API version in the Salesforce Webservice URL.


Important

Consider the following information when providing the access details for your Salesforce organization:

If you have enabled the setting to access your Salesforce organization from limited IP addresses, you must append the security token to your Salesforce organization password.
For example, if the password for your Salesforce organization is mypassword and your security token is XXXXXXXXX, specify mypasswordXXXXXXXXX in the Password fields.

  1. To launch the Pentaho Data Integration tool, perform the following actions:
    1. Navigate to the location where you downloaded and unzipped the Pentaho Data Integration tool.
    2. Navigate to the data-integration folder and double-click the Spoon.bat.
  2. In Pentaho Spoon, select File > Open, navigate to the folder where you downloaded the Pentaho packages, and open the TransferLDAPInfo.kjb file.

  3. In the Combined Job Properties window, perform the following actions:

    1. Right-click on the screen.
    2. Select Properties.
    3. Click the Parameters tab.
    4. Enter the values for the required parameters.

    img_ldap_pentaho_new.png

    Note

    After you enter the credentials for the combined job (top-most parent), the credentials are inherited by all the subsequent jobs or transformations.

  4. (Optional) On the TransferLDAPInfo tab, in the Transfer Lookup Excel Export step (transformation), provide your Salesforce organization access details.

    Click here to see the detailed steps.
    1. Right-click the Transfer LookUp Excel Export step, and select Open referenced object > Transformation.
    2. On the LookUp Excel Export tab, double-click one of the following steps:
      • Salesforce Input [From User]
      • Salesforce Input[For Profile]
      • Salesforce Input[From Account]
      • Salesforce Input[From UserRole]
      • Salesforce Input[For User Account Link]
      • Salesforce Input[From Permission Set]
    3. In the Salesforce Input window, enter your Salesforce organization user name and password.
    4. (Optional) To verify the connection, click Test connection and then click OK.

    5. To save your changes and close the Salesforce Input window, click OK.

    6. Repeat step 3b to step 3e for the other steps listed in step 3b.
    7. To save the KTR file, click Savepentaho6_saveicon.png.
  5. (Optional) On the TransferLDAPInfo tab, right-click the Assign Account to users step, and select Open referenced object > Transformation.
    1. On the TransferAccountsToUsers tab, double-click the Salesforce Insert [For User Account Link] step.
    2. Enter your Salesforce organization user name and password.
    3. (Optional) To verify the connection, click Test connection and then click OK.
    4. To save your changes and close the window, click OK.
    5. Double-click the Salesforce Update step and repeat step 4b to step 4d.
    6. To save the KTR file, click Save.
  6. (Optional) On the TransferLDAPInfo tab, right-click the Assign Permission sets to the new users step, and select Open referenced object >  Transformation.
    1. On the AssignPermissionSets tab, double-click the Salesforce Insert step.
    2. Enter your Salesforce user name and password.
    3. (Optional) To verify the connection, click Test connection and then click OK.
    4. To save your changes and close the window, click OK.
    5. To save the KTR file, click Save.
  7. (Optional) On the TransferLDAPInfo tab, right-click the Assign Remedyforce License to the new user step, and select Open referenced object > Transformation.
    1. On the AssignRemedyforceLicense tab, double-click the Salesforce Update step.
    2. Enter your Salesforce user name and password.
    3. (Optional) To verify the connection, click Test connection and then click OK.
    4. To save your changes and close the window, click OK.
    5. To save the KTR file, click Save.

  8. (Optional) On the TransferLDAPInfo tab, in the Update Salesforce with LDAP user information step (transformation), provide your LDAP server and Salesforce organization access details and, if required, customize the Pentaho package.

    Click here to see the detailed steps.

  9. (Optional) On the TransferLDAPInfo tab, in the Update manager information step, provide your Salesforce organization and LDAP server access details:

    Click here to see the detailed steps.
    1. Right-click the Update manager information step and select Open referenced object > Transformation.
    2. To provide the Salesforce organization access details, perform the following actions:
      1. Double-click the Salesforce Update step.
      2. Enter your Salesforce organization user name and password.
      3. (Optional) To verify the connection, click Test connection and then click OK.
      4. To save your changes and close the window, click OK.
    3. To provide LDAP server access details, perform the following actions:
      1. Double-click the LDAP Input step.
      2. In the Host section, ensure that the correct LDAP host connectivity configuration has been entered.
      3. In the authentication section, enter the user name and password of the LDAP server from which you are importing users.
      4. (Optional) To verify the connection, click Test connection and then click OK.
      5. To save your changes and close the window, click OK.
    4. To save the KTR file, click Save.

    Note

     Post connection testing, revert to the original Parameters tab to use the global parameters. 

  10. To save the KJB file, click Save.
  11. In the KJB file, click Run this jobpentaho6_runjobicon.png.

  12. Perform one of the following actions based on the Pentaho version that you are using:

    Pentaho version

    Action

    6.1

    In the Run Options window, click Run.

    5.4

    In the Execute a job window, click Launch.

    Transformation status is depicted by using the following icons:

    • pentaho6_successfulicon.png— Complete
    • pentaho6_runningicon.png — Running
    • pentaho6_failureicon.png — Unsuccessful
  13. (Optional) To view logs, in the Execution results section, click the Logging tab.
    All errors are displayed in red.

To assign permission sets to existing users by using a KTR file

To assign permission sets to existing users by using the KTR file provided in the InsertPermissions folder, you need the AssigneeId of users and the IDs of the permission sets that you want to assign to the users. You can change the permission set that you want to assign to the imported users.

  1. From the InsertPermissions folder, double-click the PermissionSetAssignment.csv file, and enter the user IDs (AssigneeIds) and the permission set IDs.
  2. To launch the Pentaho Data Integration tool, perform the following actions:
    1. Navigate to the location where you downloaded and unzipped the Pentaho Data Integration tool.
    2. Navigate to the data-integration folder and double-click the Spoon.bat.
  3. In Pentaho Spoon, select File > Open and navigate to the folder where you downloaded the Pentaho packages.
  4. To assign permission sets to existing users, from the InsertPermissions folder, open the InsertPermissionSets.ktr file.
  5. In the InsertPermissionSets.ktr file, double-click the Salesforce Insert step, and enter your Salesforce organization user name and password.
  6. To save your changes and close the window, click OK.
  7. To save the KTR file, click Save.
  8. To run the KTR file, click Run this job.

To schedule jobs to import data

On the BMC Communities website, the Pentaho packages for importing data from external data sources into BMC Remedyforce page contain a SchedulingFiles folder. This folder contains a sample batch file that you can use as a base to create your batch files for scheduling data import. For more information about scheduling a job, see http://wiki.Pentaho.com/display/EAI/Kitchen+User+Documentation.

Note

To understand the job scheduling process, refer to the following procedure. This procedure is an example to be used as a reference for all other packages.

To schedule the Remedyforce LDAP Pentaho package to import users, perform the following steps:

(For all other required packages, perform these steps by using the respective batch files.)

  1. Navigate to the Remedyforce Package folder.
  2. Rename your extracted package folder to SchedulingFiles.
  3. Open the folder where you have installed the Pentaho Data Integration tool and minimize this folder.
  4. Open the SchedulingFiles folder. 
    The folder contains two .bat files.
  5. To create a copy of the batch file, copy SchedulingTransferLDAPInfo.bat file and paste it in the same folder.
  6. Right-click the SchedulingTransferLDAPInfo.bat file and click Edit
    The SchedulingTransferLDAPInfo.bat notepad opens.
  7. Minimize the notepad and open the Pentaho data-integration folder as mentioned in Step 3.

  8. Copy the data-integration folder address and navigate to the notepad as mentioned in Step 6.

    The following figure shows an example of the updated SchedulingTransferLDAPInfo.bat file.

    img_sched_pentaho.PNG

  9. Before the first line of the notepad, type cd and paste the copied data-integration folder address . (Make sure to add a space betweeen cd and the folder address).
  10. Paste the data-integration folder address in the Kettle Home folder address and remove the double quotes ("").
  11. Paste the data-integration folder address in the kitchen.bat file address by replacing only the part before \kitchen.bat.
  12. Navigate to the Remedyforce Package folder and copy the address for TransferLDAPInfo.kjb.
  13. Paste the TransferLDAPInfo.kjb address in between \kitchen.bat /file: and /level:DetailedRemove the double quotes ("") and any additional spaces between the address.
  14. Save the notepad.

To prepare for scheduling
  1. Open the Command Prompt as an administrator.
  2. Type cd and then paste the SchedulingFiles folder address with a space in between the two. 
  3. Copy and paste the .bat file name (SchedulingTransferLDAPInfo.bat).
    The job starts running.
To schedule the job
  1. Go to Start > Control Panel > Administrative Tools > Task Scheduler.
  2. In the Actions section, click Create Task.
  3. In the General tab, enter the name and description.
  4. Select the Run with highest privileges check box, and click OK.
  5. On the Triggers tab, click New, select the appropriate option for starting the task, and click OK.
    For example, you can select Daily or When the computer starts as the option for starting the task.
  6. On the Actions tab, click New.
  7. Click Browse, select SchedulingTransferLDAPInfo.bat, and click OK.

KJB and KTR files for importing users from an LDAP server

In Pentaho, metadata is stored in XML format in the file system as KTR (transformations) or KJB files (jobs). The Pentaho package includes the TransferLDAPInfo.kjb file (job file) for importing users from an LDAP server. The job (KJB) file contains a series of transformations that run in a sequence. Each transformation maps to a KTR file that is available, along with the KJB file, in the Pentaho package.

The following table provides information about the KTR files and the corresponding transformations that the KJB file contains:

The following table provides information about the steps that are included in the TransferLDAPInfo.ktr file (Update Salesforce with LDAP user information transformation). The Pentaho package runs these steps to import users from the LDAP server into your Salesforce organization. You can view these steps only when you open the KTR file in the Pentaho Data Integration tool.

The KTR file also contains mapping of the fields in the LDAP server to the fields in the User table. For more information about mapping, see Overview-of-how-users-are-imported-from-LDAP-servers.

Troubleshooting

The following table describes the troubleshooting tips that you can use to resolve common issues that you might face when importing data.

Related topics

Overview-of-how-users-are-imported-from-LDAP-servers

Scheduling-jobs-to-import-data

Troubleshooting-common-issues-when-importing-data

Known-and-corrected-issues-for-Pentaho-packages

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*