Microsoft Active Directory

4E fetches the users from active directory then compares with existing records and updates changed fields / insert new users into 4E system database. 

 Repo and API/handler – tqmi-user-api and cron-ad-puller.ts 

Step 1 - CRON job to fetch

1. A CRON job invokes the lambda located in above mentioned file. Which in turn connects to the active directory to fetch the users along with pre-configured attributes in a json config file (it is located at /utilities/ADAttributeConfig.json) 

2. Active directory connection details such as hostname/url, username, password, baseDN is stored in the environment variables while deploying the lambda function. 

3. Users are fetched from the AD using above configuration. 

4. These are then parsed(mapped) to 4E database fields.  

5. Then these users are pushed into SQS queue (tqmi-ad-sync-<stage>-ad-data) by diving them into multiple batches (batch size is configurable in /utilities/config.json file with key itemsPerBatch). 

Step 2 - Batch the user data and save to 4E database

1. These batches of users are then processed by the lambda function associated to the queue in Lambda triggers configuration of SQS queue. 

2. Existing users from 4E system database are then fetched using employee Ids. 

3. Then existing locations and departments are also fetched for the same users. 

4. Users, locations and departments updated information mapped to respective fields. 

5. Then these records are updated into respective collections (users, departments and locations) 

Improvements (in future release)

1. The entire flow will be skipped while mapping the AD users with 4E if any of the users don’t have any of the expected attributes

2. Existing 4E users are queried from the mongodb using an employeedId. A query with 250 $or conditions, needs to be looked into for performance enhancement

AD user to 4E user mapping