Importing user groups from a CSV file simplifies the process of creating Security
Center user groups for third-party authentication.
Before you begin
The user groups that interact with Security Center have been defined in the external
identity provider.
What you should know
Some identity providers, such as Azure Active Directory, can export user groups in
CSV format. Security Center can import data from
these files to ensure accuracy and save time.
Compatible CSV files must be formatted
as follows:
- The first row includes only headers.
- All headers are unique.
- At least one column must be for group name. It is the only mandatory
field.
Procedure
-
From the Config Tool homepage, open and select an Authentication Service role that uses the
OpenID or SAML2 protocols.
-
Click the Properties tab, and then click
Import () under User groups.
The
Import from file window opens.
NOTE: If multiple partitions are defined in Security
Center, new user groups imported from the CSV file are created in the
partition specified under Entities will be synchronized
in.
-
Select a CSV file to import.
The CSV is parsed immediately and any detected rows, columns, errors, and
warnings are displayed.
By default, user group fields are bound to CSV
headers as follows:
-
Name is bound to the
displayName
header.
-
External unique identifier is bound to the
id
header.
-
Email address is bound to the
mail
header.
-
Description is bound to the
description
header.
NOTE: A warning is displayed if the columns bound to
Name or External unique
identifier have duplicate or empty values. These rows are
skipped during the import process.
-
(Optional) Specify a different partition for new user groups.
NOTE: This selection is only available if multiple partitions are defined in
Security Center. Only user groups created by the CSV import are placed in
the selected partition. Existing user groups are not affected by this
setting.
-
(Optional) Modify the field bindings.
You cannot bind the same header to multiple fields.
-
Click Import.
The user groups specified in the CSV file are imported to Security
Center.
During the import, the system looks for an existing user group
with a matching Name that is not associated with another Authentication
Service role. User groups are then processed as follows:
- If a matching group is not found, a new user group is created with
data from the CSV.
- If a matching group is found, and that group is not associated with
another Authentication Service role, it is updated with data from
the CSV.
- If a matching group is found, and that group is associated with
another Authentication Service role, a new group is created with
data from the CSV.
- If a group that is already associated with this Authentication
Service role has the same external identifier as a CSV row, the
matching CSV row is skipped.
Depending on the number of groups to process, it can take a few
seconds for the import to complete.
The CSV file is imported and results are displayed.
All imported groups are automatically added to the
User groups list in the Authentication Service
role.
-
Click OK.