Using the Active Directory Source Component
The Active Directory Source Component is an SSIS data flow pipeline component that can be used to read / retrieve data from Microsoft Azure Active Directory and Microsoft Active Directory.
The component has the following two pages to configure how you want to read data from Active Directory:
- General
- Columns
General Page
The General page of the Active Directory Source Component allows you to specify the general settings of the component.
- Select the connection manager and source object
-
- Connection Manager
-
The Active Directory source component requires an Active Directory connection in order to connect with Active Directory. The Connection Manager drop-down will show a list of all Active Directory connection managers that have been created in the current SSIS package or project.
- Source Object
-
Based on the Active Directory Connection Manager chosen, the Source Object drop-down lists all of the currently supported objects which you can read from. The available objects include:
- User
- Group
- Computer (On-Premises only)
- Organizational Unit (On-Premises only)
Note: you need to have at least User.ReadBasic.All permission to read Azure users and a minimum permission of Group.Read.All is required to retrieve Azure Groups.
- Directory Services Settings
-
- Container Path (On-Premises only)
-
The Container Path option lets you specify the Directory path that you want to narrow your search scope to. You can specify, for example, the organization unit.
- Paging Size (Azure only)
-
The Paging Size option allows you to specify how many records you want to retrieve each time. The default value is 100.
- Search Criteria
-
You may use the Search Criteria to filter particular records according to your requirements. The Active Directory Search Criteria filter follows the Lighweight Directory Access Protocol (LDAP) filtering format.
- All expressions should contain parentheses. Ex. (objectCategory=person)
- You may use relational operators to form your expressions (ex. '<', '<=', '=', '>=', '>')
- You may use compound expressions within your filtering such as '&' and '|'
For more information, you may refer to the Directory Searcher Filter Property page.
- Expression fx Icon
-
Click the blue fx icon to launch SSIS Expression Editor to enable dynamic updates of the property at run time.
- Generate Documentation Icon
-
Click the Generate Documentation icon to generate a Word document that describes the component's metadata including relevant mapping, and so on.
Columns Page
The Columns page of the Active Directory Source Component shows you all available attributes from the object that you specified on the General page.
Source Object & Container Path Combinations (On-Premises only)
| Source Object | Container Path | Result |
|---|---|---|
| User | Path to a User Object | This combo will retrieve User metadata for the User object specified in the Container Path. |
| User | Path to a Group Object | This combo will retrieve all User objects & User metadata for members within the Group object specified in the Container Path. |
| User | Path to an Organizational Unit Object | This combo will retrieve all Users objects & User metadata that are contained within the Organizational Unit object specified in the Container Path. |
| User | Other Objects | Other Objects such as Computers are not supported. No results will return. |
| Group | Path to a User Object | This combo will retrieve Group metadata for all Groups objects that the User object specified in the Container Path are a member of. |
| Group | Path to a Group Object | This combo will retrieve Group metadata for all Group objects that the Group object specified in the Container Path are a member of, including itself. |
| Group | Path to an Organizational Unit Object | This combo will retrieve all Group objects & Group metadata that are contained within the Organizational Unit object specified in the Container Path. |
| Group | Other Objects | Other Objects such as Computers are not supported. No results will return. |
| Computer | Path to an Organizational Unit Object | This combo will retrieve all Computer objects & Computer metadata that are contained within the Organizational Unit object specified in the Container Path. |
| Computer | Path to a Computer Object | This combo will retrieve Computer metadata for the Computer object specified in the Container Path. |
| Computer | Other Objects | Other Objects such as User are not supported. No results will return. |
Reading from Custom Attributes (On-Premises only)
It is possible to read data from custom attributes in Active Directory. By default, custom attributes cannot be detected in the Source component. In version 2.x and above, in the Columns page of the AD Source Component, there is an 'Add' button, to manually add the custom field. If you select this button, you can add custom fields by entering the following information:
- Field Name
-
Specify the Field Name of the custom field that you would like to read from.
- Data Type
-
Select the Data Type drop down of the field type.
- Length
-
Choose the Length of the Data Type for your custom field.
Reading from Array Attributes
It is possible to read from attributes that contain multiple values and are stored as array objects. For example, the `Telephone` attribute can store multiple entries. When attempting to read from array attributes, these values will be concatenated into delimited text using a semicolon (;) as delimiter. If your attribute value contains the semicolon delimiter character, your attribute value will be escaped with double quotes (").