This documentation refers to IWDS (InWebo Directory Sync).
IWDS is an TrustBuilder MFA option. If you have not yet subscribed to this option, please contact our sales team before attempting any IWDS integration.
IWDS is a Java application allowing any TrustBuilder administrator to do bulk creation, modification and deletion of TrustBuilder MFA users and groups, based on input data taken from an LDAP directory or a .csv file.
IWDS also works in batch mode. In this case, it is installed on a server and launched periodically, using a Task Scheduler (Linux cron or Windows Task Scheduler).
IWDS is developed by TrustBuilder to allow you to synchronize your user's between TrustBuilder MFA administration console and a directory (AD, LDAP, .csv...). It is available on Windows in GUI mode. It supports:
User listing file in csv format
IWDS will never write anything in your LDAP directory. IWDS will only read the LDAP. Any creation/modification will be done only on TrustBuilder platform.
How IWDS works?
IWDS works in 4 steps and saves the result in XML files for each of these steps.
As soon as you operate a complete synchronization, you should always start the 4 steps from the beginning, to take into account the last modifications of the previous synchronization.
The retrieval of TrustBuilder objects
TrustBuilder objects are users, roles and groups currently available on the TrustBuilder platform for your service. IWDS accesses our API using the pre-requisite certificate. It retrieves all the elements on the cloud to know the existing state of your service.
The retrieval of LDAP objects
IWDS will read access to each of the configured LDAP servers to retrieve all users of the selected groups. These users represent the synchronization source that must be .
IWDS proceeds to the comparison between the retrieved TrustBuilder objects and the retrieved LDAP objects. This generates a list of operations to be carried out to fill the gap between the two sources: creation of the absent users on the TrustBuilder side, deletion of those which are not present anymore, etc...
This step consists in sending the list of operations from the “Difference” step to the TrustBuilder platform. Once synchronization done, you can consult the logs or the console to check that the operations have been carried out correctly and that this provisioning step corresponds to your expectations.
IWDS Release Notes
October 17, 2022
Special characters are authorized in user first name and name
January 25, 2022
Multi-source: each instance of IWDS can define a provisioningId. Default is 1. (more information)
Update for Log4j vulnerability
Account deletion limit parameter (default 25) is applied to GUI in addition to command-line mode (more information)
Interface rebranded with current inWebo logo
Alternative login is renamed login2 in the interface
Fixed an issue that caused unnecessary sync of the entire user list
Update to support Java Runtime Environment (JRE) from version 8 and higher
Fixed an issue with the result file that did not show login2
Updated IWDS user agent to provide version, Java version and system
Fixed help broken link
Fixed an issue with the data source test
June 11, 2021
Sync of new field “alternative login”
Previous release notes
2.1.15 and 2.1.16 are internal releases - not published.
2.1.14: minor bug fixes and enhancements. inWebo status is now kept for all users including administrators. Extended email format support (including simple quotes in user name part of email address)
2.1.13: updated IWDS to support email addresses defined on domains with long extensions (example: firstname.lastname@example.org)
2.1.12: fixing a bug where IWDS in batch mode could crash when launched after a fresh installation or with a user different from the one that installed the software
2.1.11: fixing a bug where the synchronization result screen could not be displayed in GUI mode
2.1.10: fixing a bug where the group membership operations were not added to the synchronization task for expired users being recreated
2.1.9: fixing a bug where the utf-8 charset encoding was not properly applied when IWDS was launched in batch mode
2.1.8: modification of the encoding of the product from iso-8859-1 to utf-8
2.1.7: fixing a bug where an activation email was not re-sent to pending activation users when option was checked in synchronization rule
2.1.6: fixing a bug where the group synchronization could fail when using several LDAP sources having a group mapping defined
2.1.5: fixing a bug where IWDS could fail to operate in batch mode
2.1.4: fixing a bug where IWDS could fail while retrieving inWebo user group memberships
2.1.3: minor bug fixes and enhancements
2.1.2: management of inWebo services in "machine" mode
2.1.1: optimizing the query retrieving inWebo group memberships. Minor bug fixes and enhancements