UMP FAQ's

User Management Process - Frequently Asked Questions

Does the UMP run under a service account that would be given elevated privileges using an account from our AD?  Or as the SYSTEM account?

The UMP runs a Windows Command Batch (.bat) file typically scheduled using Windows Task Scheduler (unless you have another preferred job scheduling tool). 

We typically configure this job to run under the SYSTEM account which would need to have full access to the artifacts folder, which we will deploying during the UMP installation, and any Python executables (basically the Python folder).  When running the job under the SYSTEM account, that account would also need to have access to the folder that the UMP file will reside in and access to the SQL Server database with db_owner privileges on the database we will be deploying on the SQL Server (called AQForumIntegrations) as well as tempdb.  Typically, the SYSTEM account would already have the access to the SQL Server, but in case it does not, this would be required. 

If you want to run the process under another account (local or domain), the same level of permissions described above would be required for the chosen account.

How is the UMP database configured? 

In either instance (SQLite or SQL) the database will be configured by AgilQuest as a part of the UMP build process and a backup will be provided as a part of the build.

Is there a script involved in the process? 

For the SQL version, the UMP relies on a number of stored procedures to run; any scripting will be handled by the AgilQuest team, no scripting needed for the SQLite version

What sort of access will be required? 

For the SQL version we will need to be able to connect to the database either with a dedicated SQL Login or a trusted connection as a DB Owner to the database that AQ will provide. For SQLite no particular access considerations are needed

Is there a naming convention for the database?

Yes, AQForumIntegrations

How much space do we anticipate this will take? 

SQLite is lightweight (12 MB) and will reside within the UMP folder, SQL backup is roughly the same size.

Do you have an example powershell to pull the data out of Active Directory in the pipe delimited format required for the UMP?

Sure! Here is a sample powershell. It's only a sample so you'll want to adjust the fields based on the data elements and field names you will use.

Get-ADUser -Filter '*' -Properties name,Surname,GivenName,mail,department,enabled | Select-Object name,Surname,GivenName,mail,department,Enabled | ConvertTo-csv -Delimiter "|" | Select -Skip 1 | % { $_ -replace '"',""} | out-file "C:\temp\users.txt"