Importing user groups from a CSV file simplifies the process of creating Security
Center user groups for third-party authentication
Before you begin
The user groups that interact with Security Center have been defined in the external
identity provider.
What you should know
Some identity providers, such as Azure Active Directory, can export user groups in
CSV format. Security Center can import data from
these files to ensure accuracy and save time.
Compatible CSV files must be formatted
as follows:
- First row includes only headers.
- All headers must be unique.
- At least one column must be for group name. It is the only mandatory
field.
Procedure
-
From the Config Tool homepage, open and select an Authentication Service role that uses the
OpenID or SAML2 protocols.
-
Click the Properties tab, and then click the
Import button under User
groups.
The
Import from file window opens.
NOTE: If multiple partitions are defined in Security Center, new user groups imported
from the CSV file are created in the partition specified under
Entities will be synchronized
in.
-
Select a CSV file to import.
The CSV is parsed immediately and any detected rows, columns, errors, and
warnings are displayed.
By default, user group fields are bound to CSV
headers as follows:
-
Name is bound to the
displayName
header.
-
External unique identifier is bound to the
id
header.
-
Email address is bound to the
mail
header.
-
Description is bound to the
description
header.
NOTE: A warning is displayed if the columns bound to
Name or External unique
identifier have duplicate or empty values. These rows are
skipped during the import process.
-
If required, specify a different partition for new user groups.
NOTE: This selection is only available if multiple partitions are defined in
Security Center. Only user
groups created by the CSV import are placed in the selected partition.
Existing user groups are not affected by this setting.
-
If required, modify the field bindings.
You cannot bind the same header to multiple fields.
-
Click Import.
The user groups specified in the CSV file are imported to Security Center.
During the import, the
system looks for an existing user groups with a matching Name that is not
associated with another Authentication Service role. User groups are then
processed as follows:
- If a matching group is not found, a new user group is created with
data from the CSV.
- If a matching group is found, and that group is not associated with
another Authentication Service role, it is updated with data from
the CSV.
- If a matching group is found, and that group is associated with
another Authentication Service role, a new group is created with
data from the CSV.
- If a group that is already associated with this Authentication
Service role has the same external identifier as a CSV row, the
matching CSV row is skipped.
Depending on the number of groups to process, it can take few
seconds for the import to complete.
The CSV file is imported and results are displayed.
All imported groups are automatically added to the
User groups list in the Authentication Service
role.
-
Click OK.