Skip to main content
Skip table of contents

Directory Syncing (IWDS)

This documentation refers to IWDS (InWebo Directory Sync).

IWDS is an TrustBuilder MFA option. If you have not yet subscribed to this option, please contact our sales team before attempting any IWDS integration.

About IWDS

IWDS is a Java application allowing any TrustBuilder administrator to do bulk creation, modification and deletion of TrustBuilder MFA users and groups, based on input data taken from an LDAP directory or a .csv file.

IWDS also works in batch mode. In this case, it is installed on a server and launched periodically, using a Task Scheduler (Linux cron or Windows Task Scheduler).

IWDS is developed by TrustBuilder to allow you to synchronize your user's between TrustBuilder MFA administration console and a directory (AD, LDAP, .csv...). It is available on Windows in GUI mode. It supports:

  • Active Directory

  • LDAP

  • User listing file in csv format

IWDS will never write anything in your LDAP directory. IWDS will only read the LDAP. Any creation/modification will be done only on TrustBuilder platform.

How IWDS works?

IWDS works in 4 steps and saves the result in XML files for each of these steps.

As soon as you operate a complete synchronization, you should always start the 4 steps from the beginning, to take into account the last modifications of the previous synchronization.

  1. The retrieval of TrustBuilder objects
    TrustBuilder objects are users, roles and groups currently available on the TrustBuilder platform for your service. IWDS accesses our API using the pre-requisite certificate. It retrieves all the elements on the cloud to know the existing state of your service.

  2. The retrieval of LDAP objects
    IWDS will read access to each of the configured LDAP servers to retrieve all users of the selected groups. These users represent the synchronization source that must be .

  3. The difference
    IWDS proceeds to the comparison between the retrieved TrustBuilder objects and the retrieved LDAP objects. This generates a list of operations to be carried out to fill the gap between the two sources: creation of the absent users on the TrustBuilder side, deletion of those which are not present anymore, etc...

  4. The synchronization
    This step consists in sending the list of operations from the “Difference” step to the TrustBuilder platform. Once synchronization done, you can consult the logs or the console to check that the operations have been carried out correctly and that this provisioning step corresponds to your expectations.

Topics

IWDS - Graphical Interface guide
IWDS - Command-line guide
IWDS- Tips and Advanced configuration

IWDS Release Notes

Click here to see all inWebo Directory Sync (IWDS) Release Notes

IWDS 2.5

October 17, 2022

  • Special characters are authorized in user first name and name

IWDS 2.4

January 25, 2022

  • Multi-source: each instance of IWDS can define a provisioningId. Default is 1. (more information)

  • Update for Log4j vulnerability

  • Account deletion limit parameter (default 25) is applied to GUI in addition to command-line mode (more information)

  • Interface rebranded with current inWebo logo

  • Alternative login is renamed login2 in the interface

  • Fixed an issue that caused unnecessary sync of the entire user list

  • Update to support Java Runtime Environment (JRE) from version 8 and higher

  • Fixed an issue with the result file that did not show login2

  • Updated IWDS user agent to provide version, Java version and system

  • Fixed help broken link

  • Fixed an issue with the data source test

IWDS 2.1.17

June 11, 2021

  • Sync of new field “alternative login”

Previous release notes

  • 2.1.15 and 2.1.16 are internal releases - not published.

  • 2.1.14: minor bug fixes and enhancements. inWebo status is now kept for all users including administrators. Extended email format support (including simple quotes in user name part of email address)

  • 2.1.13: updated IWDS to support email addresses defined on domains with long extensions (example: john.doe@mycompany.security)

  • 2.1.12: fixing a bug where IWDS in batch mode could crash when launched after a fresh installation or with a user different from the one that installed the software

  • 2.1.11: fixing a bug where the synchronization result screen could not be displayed in GUI mode

  • 2.1.10: fixing a bug where the group membership operations were not added to the synchronization task for expired users being recreated

  • 2.1.9: fixing a bug where the utf-8 charset encoding was not properly applied when IWDS was launched in batch mode

  • 2.1.8: modification of the encoding of the product from iso-8859-1 to utf-8

  • 2.1.7: fixing a bug where an activation email was not re-sent to pending activation users when option was checked in synchronization rule

  • 2.1.6: fixing a bug where the group synchronization could fail when using several LDAP sources having a group mapping defined

  • 2.1.5: fixing a bug where IWDS could fail to operate in batch mode

  • 2.1.4: fixing a bug where IWDS could fail while retrieving inWebo user group memberships

  • 2.1.3: minor bug fixes and enhancements

  • 2.1.2: management of inWebo services in "machine" mode

  • 2.1.1: optimizing the query retrieving inWebo group memberships. Minor bug fixes and enhancements

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close