On the Users tab, pick one or more base DNs (distinguished names) from which you import the users. In addition, you can assign user attributes from the LDAP server to user properties in MyQ and select additional options concerning the synchronization.

LDAP sync users tab settings

  • Base DN: Here you can pick the base domain or domains from which you import users. Click +Add to add a text box for the new base DN, and then drag a group from the database browser and drop it in the text box. You can add multiple domains this way.

    Dragging and dropping a domain
  • Properties: These are the properties of every individual user. MyQ will automatically find and assign the user's SAM account name to user name, cn to full name and mail to Email (this applies to Active directory and OpenLDAP only). The user name property is the only one that cannot be changed. To assign an attribute to a property, write the name of the attribute in the property text box or drag it from the attributes of any individual user and drop it in the text box. The following properties support adding multiple values to them, separated by a semicolon (;):

    • Alias

    • PIN

    • Card

For example, in the Alias property, you could add alias1;alias2;alias3.

The AD attribute name should not contain the semicolon (;) character. If a semicolon is part of the attribute's name, that attribute will not be synchronized in MyQ.

Dragging and dropping the mail attribute

For assigning default languages to users, you have to use an attribute from the LDAP server that has the language abbreviations as its values. For example, you can create and use an attribute called lang with the values en for English, hr for Croatian, etc. The list of the abbreviations used in MyQ can be found here.

  • Options: For a description of the common synchronization options, see User information and settings. In addition to the basic options that are common for both the synchronization from LDAP servers and for synchronization from CSV files, there is one specific option that belongs only to the import from LDAP servers: append the domain name to the username (username@domain.local). This option enables you to save the information about the LDAP server in the user name. For more information about this
    option, contact your MyQ support.

  • Filter: You can filter the users import by specifying the values of attributes. Add the conditions in the form: Attribute=Value. Users with a different value on this attribute are not accepted and are filtered out of the import.
    For attributes where the values are strings, such as the cn attribute, you can use the * symbol to search for substrings. The symbol can be appended from both sides. For example, if you add a cn=*in* condition, only users whose common name attribute contains "in" are accepted.
    Add one condition per row. Users are accepted if they satisfy at least one condition.

Sync example using a filter