Sync from CSV file

#1

Learner Sync Automation from CSV files

About this tool

This tool will take a correctly formatted CSV file of users and import them as Learners into the Infosec IQ platform. Using a CSV file as an intermediary between a user directory such as Okta, Active Directory, Azure AD, and Google Identities. Through some effort and scripting the exporting to a CSV file and then importing to the IQ platform can be automated.

Requirements

  1. A Windows machine with PowerShell 4.0 or higher.
  2. Sufficient privileges to access the source directory.
  3. Sufficient privileges to run a scheduled task (log on as batch rights job).
  4. Ability to transmit data to https://securityiq.infosecinstitute.com/Sync/targets (52.4.11.108) via SSL port 443

Using the GUI Sync Tool

Deploy the sync tool

  1. In the IQ platform, browse to Learners > Active Directory Synchronizer.
  2. Click the download button next to “Download CSV to IQ endpoint utility”
  3. Extract the contents of the .zip file to a location on the machine where the sync will run.

Prepare the CSV file

  1. The CSV file must be in the format given in the sample CSV file found in the CSV Automation Tool folder
  2. The name must be saved in the “Scheduled_CSV” folder. The tool looks for the CSV to upload in the “Scheduled_CSV” directory. Only one CSV file is allowed in this directory.
  3. The file name must be named “Scheduled_CSV.csv”

Using the GUI Sync Tool

  1. Run the .exe with the privileges required for your environment. This is typically an admin account or service account created for this task.
  2. Enter your Infosec IQ secret key found in the platform by going to Learners > Active Directory Synchronizer.
  3. Set your Infosec IQ Active Directory Synchronizer setting as appropriate also located under Learners > Active Directory.
  4. Validate your CSV if you have errors fix them and try again. You may refer to the sample data provided. The file “sample_learners.csv” is in the exact format your CSV needs to be in.
  5. Sync your learners by clicking the “Sync” button.
  6. If you wish you may click the “Save Config” button. This will save your Secret Key and Sync to European Union Server preference.
    1
    1.png875×847 184 KB

Using Active Directory Synchronizer With Windows Task Scheduler

The following instructions will provide step by step guidance on creating a windows scheduled task to run the SIQ-CSV-AD-Endpoint.exe on a reoccuring basis. This will allow for a daily, weekly, or monthly sync of the learner information found in the Scheduled_CSV.csv to the Infosec IQ platform.

  1. Open the Windows Task Scheduler service.
    AD%2BSync%2BTask%2B1

  2. Under the Action tab, click on Create Basic Task
    AD%2BSync%2BTask%2B2

  3. In the C reate Basic Task Wizard , enter a Name for your task (and an optional Description ) and click Next.

    AD%2BSync%2BTask%2B3
    AD+Sync+Task+3.png700×494 10.8 KB

  4. Select your desired trigger , which will cause the task (and the associated AD/SecurityIQ sync) to run and click Next .

    AD%2BSync%2BTask%2B4
    AD+Sync+Task+4.png699×491 11.3 KB

  • Daily/Weekly/Monthly/One time: Selecting one of these options will cause the next window to prompt you to select which time/date you want your task to begin running and how often you want the task to repeat (the One time option does not allow for repeated runs). Click Next when you are done configuring your trigger.
  • When the computer starts/When I log on: Selecting one of these options will cause the task to run each time the Active Directory server starts up and/or every time you log into the Active Directory server, respectively.
  • When a specific event is logged: Selecting this option will cause the next window to prompt you to define an Event ID relating to a specific event generated by a chosen Source in a specific Log . Your task will run every time an event of the designated type is generated.

  1. Click Next when you are done configuring your trigger and in the Action window, select the Start a program option and then click Next .
    AD%2BSync%2BTask%2B5

  2. Click Browse to select your previously downloaded Sync Tool config file (shown in the image below as Scheduled-AD-Import.exe ), and click Next to continue.

    AD%2BSync%2BTask%2B6
    AD+Sync+Task+6.png700×491 9.83 KB

  3. Review the current task settings and click Finish to create your task.

  4. Populate the Start in (optional) field with the file path of where the Scheduled AD sync is located on the computer (e.g. C:\Users\Administrator\Desktop\ActiveDirectorySynchronizer5.3\ActiveDirectorySynchronizer)