Active Directory Synchronization Configuration Reference
The following tables describe all the configuration items in the Active Directory Synchronization Profiles.
Active Directory General Information Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Description | The profile's talkative name | Recorded Users |
Enabled | Disabled profiles will not be synchronized. | Yes |
Sequence | Each user will be processed by only one Active Directory Profile, so the Profile with the smaller sequence will process users read from multiple profiles. | 100 |
Active Directory Type | The type of the Active Directory the profile will be connected to. This setting determines whether the LDAP Active Directory or the Microsoft Entra ID (formerly Azure Active Directory) related settings will be shown in the next section. | LDAP |
Active Directory Information Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
LDAP Host | Hostname of the AD / LDAP server. | ad.mycompany.com |
LDAP Port | Port number of the AD / LDAP server. The default port is 389 (636 if SSL is used), Active Directory Global Catalog Forest-Wide port is 3268 (3269 if SSL is used). | 389 |
Use SSL | If enabled Verba uses secure connection to connect to your LDAP host. | |
Character Encoding | What character encoding should be used when reading from the AD / LDAP server. | ISO-8859-1 |
LDAP User Distinguished Name or Domain User Name | The full username that Verba will use when connecting to the AD / LDAP server. This account should have the proper privileges to read the synchronized users. For anonymouslogon, leave it empty. | mycompany\verba_account |
LDAP Password | The password that Verba will use when connecting to the AD / LDAP server. For anonymouslogon, leave it empty. | secret |
LDAP User Search Base | The DN of the container where the synchronized users can be found. Base DNs can be fetched by the button next to the input field. | OU=Users,DC=mycompany,DC=com |
LDAP Search Filter | A valid LDAP Search expression that will be used to filter the entries under LDAP User Search Base. | (&(objectclass=person)(memberOf=CN=Verba_Group,DC=yourdomain,DC=com)) Please make sure that there is no space character at the end! |
Search Entry | Fill it with either a simple string like 'Verba_Rec*' or with a valid LDAP filter like (CN=Verba_Rec*) | |
Simple Paging | Allows Verba to synchronize more than 10,000 people. Turn this option on if the number of users may exceed 10,000. | |
Follow Referrals | Indicates how to handle referrals. If checked Verba follows referrals. If unchecked Verba ignores referrals. | checked |
Dereference Policy | The dereference policy is an element of a search quest that specifies how Verba should handle alias entries that may be encountered during search processing. Allowed alias dereference policy values include:
| Never |
Microsoft Entra ID (formerly Azure Active Directory) Information
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Tenant ID | The ID of the Microsoft Entra ID tenant which is being used | |
Application ID | The ID of the Connector App for Verba | |
Application Secret Pass | The secret pass of the Connector App for Verba | |
Microsoft Entra ID Login | Login credentials for Microsoft Entra ID. The login button will be shown after the profile is saved. | |
User Search Filter | Graph API users filter parameter. | department eq 'callcenter' |
Decode "userPrincipalName" Attribute | If the checkbox above is checked, then the "userPrincipalName" attribute value of Guest users from the Microsoft Entra ID will be decoded to a valid email address. |
Merge with Other profiles Section
Observer user for Four Eyes Login | Description | Sample Value |
---|---|---|
Profiles to be Merged | List of the Active Directory Synchronization profiles to be merged. The merged profiles will add additional properties to the users synchronized by the base profile. | |
Merge Extensions | Sets if the extension configuration (Phone Number Section from the LDAP Directory Information tab, and the corresponding Recording Settings, Data Sources, Announcement settings from the New Users' Properties tab) will be merged from the profiles added to the Profiles to beMergedlist. | |
Merge Groups | Sets if the group configuration (New Users' Groups setting from the New Users' Properties tab) will be merged from the profiles added to the Profiles to beMergedlist. | |
Merge Roles | Sets if the role configuration (Available Roles setting from the New Users' Properties tab) will be merged from the profiles added to the Profiles to beMergedlist. |
Synchronized LDAP Attributes Mapping Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Display Name | LDAP attribute name that stores the users' full name. | cn |
Login ID | LDAP attribute name that stores the users' account name. | sAMAccountName |
User Matching ID | ||
E-mail Address | LDAP attribute name that stores the users' email address | |
Location Attribute | LDAP attribute name that stores the users' location. | co |
Location | This setting will be used when the Location Attribute is not set up or the attribute is not filled in for a user in the AD. | |
Retention Period (days) Attribute | LDAP attribute name that stores the users' retention period | |
Retention Period (days) | This setting will be used when the Retention Period (days) Attribute is not set up or the attribute is not filled in for a user in the AD. | |
Automatically Delete Conversations after the Retention Period is Over | Sets if the recorded conversations belonging to the user should be deleted after the retention period is over |
Phone Number Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Synchronize Phone Numbers | If it is not turned on, Verba will not synchronize phone numbers. If the profile stores users who should not have phone numbers, then this setting should be turned on and no extension mapping should be set up. | |
Mapping Presets | You can use our Lync preset or you can create your own custom mappings. New extension maps can be added by pressing the button below. | |
LDAP Attribute | LDAP attribute name that stores the users' phone number or SIP address. | msRTCSIP-Line |
Pattern to Match | A regular expression that will be replaced. | ^[tT][eE][lL]:(.*);ext=.*$ |
Conversion Rule | The regular expression in "Pattern to Match" setting will be replaced by this text or regular expression. | $1 |
Below you can see an example extension mapping setup:
Verba Groups based on AD Organization Unit Hierarchy Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Enable | If it is enabled Verba will generate hierarchical groups based on Active Directory Organization Unit hierarchy | true |
Group Naming - Reverse Order | If this setting is turned on, then the name of the created Verba group will be something likecom / company/ Organization / Group Name Otherwise it will be Group Name / Organization / company /com | true |
Group Naming - Separator | If this field is empty, then the attributes will be concatenated in their original form: CN=GroupName,DC=yourdomain,DC=com | / |
Group Naming - Skip Top Level | If the top levels of the Organization should be skipped this field can define the number of skipped level. | 1 - In this case, the highest level(DC=com) will be skipped. |
Groups Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Synchronize Groups | If it is enabled then Verba will also create groups for the imported users. | true |
Verba Groups based on AD Groups | If it is enabled then Verba will follow the AD Group relationships and will create nested groups if required. | true |
Synchronized Group Attributes | Comma-separated list of attributes that should be read from a User object. | memberOf |
Group Naming - Template | If the created Verba group name should be the simple name of the security group, then set this setting to CN. If the Verba group's name should contain the whole DN of the group, then set this setting to empty. | CN |
Group Naming - Reverse Order | If this setting is turned on, then the name of the created Verba group will be something likecom / company/ Organization / Group Name Otherwise it will be Group Name / Organization / company /com | true |
Group Naming - Separator | If this field is empty, then the attributes will be concatenated in their original form: CN=GroupName,DC=yourdomain,DC=com | / |
Filtered Synchronization | Possible values are:
| Synchronize selected groups only |
Select Group | Select the groups you would like to be (or not to be, it depends on the Narrow option above) synchronized from the Active Directory. You can select multiple groups. |
Manager/Direct Reports Section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Generate Groups Based on Manager/Direct Reports | If it is enabled then Verba will also create groups based on the direct reports. (Note: Feature is enabled only on the synchronized users) | true |
Group Name | Naming template for the generated groups. The following placeholders can be used: [manager_name] [manager_login] [manager_department] [manager_company] | Direct Reports of [manager_name] ([manager_login]) |
Add All Parent Managers | If enabled the synchronization will add the manager's manager with the same privileges to the group | true |
Manager Roles | ||
Supervisor | Defines group supervisor permission for the manager(s) | true |
Manager | Defines group manager permission for the manager(s) | true |
Administator | Defines group administrator permission for the manager(s) | true |
Test Connection Section
This section can be used to quickly test whether the configuration is proper.
By default, full synchronization is done only at the first run of the Active Directory Synchronization Profile. After that only differential synchronization will be done. If a full synchronization is needed, the checkbox at the Run Full Synchronization setting has to be ticked. This checkbox ticked automatically when the Active Directory Synchronization profile was modified.
New Users' Properties tab
The New Users' Properties tab can be used to configure what properties should new users be synchronized with to Verba.
The basic user configuration can be set up here such as Password Generation, Language, Timezone, etc. Since these properties are not synchronized from the AD, these can be customized later for the individual users.
Configuration Parameter Name | Description | Sample Value |
---|---|---|
User type | Standard | |
Change Password at First Logon | ||
Verba Password Generation | Login name + 123 | |
Language | English (en) | |
Default Timezone | GMT-05:00 - Jamaica Eastern Standard Time | |
Authorization Workflow | ||
Retention Period (days) | 30 | |
Automatically Delete Conversations after the Retention Period is Over | ||
Observer User (four eyes login) | Observer user for Four Eyes Login | |
Observer Group (four eyes login) | Observer group for Four Eyes Login |
Associated Extension Settings section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Recording Mode | Here you can select from the available recording modes and apply them to a phone number. The following valid values apply:
| Full |
Voice | If enabled, Verba records the imported user's voice. | - |
Instant Messaging | If enabled, Verba records the imported user's instant Messages. | - |
Video | If enabled, Verba records the imported user's video. | - |
Desktop Screen | If enabled, Verba records the imported user's desktop screen. | - |
Screen & Application Share | If enabled, Verba records the imported user's screen and application window shares in the meetings. | |
Whiteboard | If enabled, Verba records the imported user's whiteboard presentations in the meetings. | |
Poll / Q&A | If enabled, Verba records the imported user's poll and Q&A actions in the meetings. | |
File Share | If enabled, Verba records the imported user's file shares. | |
SMS | If enabled, Verba records the imported user's SMS messages. | |
Recorded Directions | Sets which directions of the users' calls will be recorded. | All |
Record Calls Answered by 3rd Party | Sets in which scenarios the calls will be recorded when answered by a 3rd party. | All |
Data Sources section
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Record Every Platform | Sets if the users' calls will be recordedregardlessthe platform. | |
Recorded Platforms | If the Record Every Platform setting is turned off, then the list represents the platforms where the users' calls should be recorded. | |
Import from Every Source | Sets if the users' calls will be importedregardlessthe import source. | |
Import Sources | If the Import from Every Source setting is turned off, then the list represents the sources where the users' calls should be imported from. |
SfB/Lync Recording Announcement section
In case you have configured the Verba Lync Recording Announcement service then the following settings will turn on the announcement for the imported users.
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Play Notification for PSTN/Federated Inbound Calls | If enabled and the announcement is configured then Verba will playnotification for PSTN and federated inbound calls for the imported users. | - |
Play Notification for PSTN/Federated Outbound Calls | If enabled and the announcement is configured then Verba will playnotification for PSTN and federated outbound calls for the imported users. | |
Play Notification for Conference Calls | If enabled and the announcement is configured then Verba will play notifications for conference calls for the imported users. | - |
IM Notification for Conference Calls | If enabled and the announcement is configured then Verba will play IM notifications for conference calls for the imported users. | - |
Cisco Recording Announcement section
In case you have configured the Verba Cisco Recording Announcement service then the following settings will turn on the announcement for the imported users.
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Play Notification for Inbound Calls | If enabled and the announcement is configured then Verba will playnotification for PSTN inbound calls for the imported users. | - |
Play Notification for Outbound Calls | If enabled and the announcement is configured then Verba will playnotification for PSTN outbound calls for the imported users. |
Assigned Roles and Available Roles section
Sets which Verba Roles should the newly created users have. Since Verba Roles are not synchronized from the AD, these can be customized later for the individual users.
New Users' Groups section
Here you can view the list of your existing groups inside Verba and you can select to which group(s) you would like to add your imported users.
If you don't select any groups here and you don't use the Groups section from the LDAP Directory Information tab then the users will automatically be assigned to the "default" group.
Advanced Active Directory Synchronization Settings
There are additional settings which help you fine-tune how the Active Directory Synchronization works. In order to reach them, go to the Administration / Verba Servers menu, select your Media Repository (or Combo) server and go to the Change Configuration Settings tab. The settings can be found under the Web Application / Active Directory Syncronization node.
Configuration Parameter Name | Description | Sample Value |
---|---|---|
Run Active Directory Synchronization on Server | If enabled, then the synchronizations will be enabled to run on the server. | Enable |
Page Size | Number of users to be read in one cycle. | 1000 |
Enable Reverse Check on Synchronization Attempts | If enabled, then after all of the users read, the first user will be red in reverse order, and it will be compared with the last user red in the first loop. If it does not match, then the synchronization will be rolled back. | Enable |
Enable Full Reverse Check on Synchronization Attempts | If enabled, then all of the users will be read in reverse order, and will be compared with the original results. | Disable |
Automatic Rollback Threshold on Invalidated Users [%] | If set, then all synchronization runs which changes more percent of the previously synchronized users than the value will be rolled back. | 0 |
Send email notification on successful AD sync runs | If enabled, then a notification email will be sent out after every active directory synchronization runs. | No |
Synchronize teams during the Active Directory profile execution | If enabled, the Active Directory synchronization process also synchronizes team data from Microsoft Teams. If this setting is enabled, team data is only synchronized when an AD synchronization process runs, which can result in outdated team lists or team membership information. In multi-tenant environments, this feature also requires the enabling of the Synchronize teams during the Active Directory profile execution parameter under Teams>Microsoft Entra ID synchronization in the Environment Configuration. | Disable |