ConnectWise Automate (formerly LabTech) provides the ability to link your Automate server to your internal Active Directory for managing Automate users (Technicians) accounts. Using this functionality can simplify account management while ensuring passwords are changed according to company policy. There are a couple requirements for this to work properly. First, the Automate Server must be part of the domain you are trying to join it to. Second, you must be logged into the Automate Server with a Domain Administrator account. If you meet these two requirements, log into the Control Center from the Automate Server and navigate to Dashboard > Config > VNC / Ticket Priority.
In this window, you will see the settings for configuring the Active Directory LDAP Account Sync on the top right-hand side. Perform the following steps:
- Check “Enabled LDAP Account Sync”
- Click the “Get LDAP Config” button to auto populate the above text boxes. If they do not fill in, you may have to enter the connection details manually.
- Click “Create AD Groups”. This will create a group on your Domain Controller for each available Automate Security class.
- Click “Save”
At this point, you can log onto your Domain Controller to ensure the security groups were successfully created. For user accounts in Automate and Active Directory to successfully sync, the usernames must match exactly in both systems. If you add any Domain users to the created security groups, when they log into the Automate Control center their permissions will be overwritten with the groups they were assigned. If do not assign a user to any groups and they have an existing login on the Automate server, only their password will sync and they will retain their existing user permissions.