Costpoint Online Help

Using the Help Search
Using the Help Search
  • Phrase:Returns all topics that contain the exact phrase in the search criteria. Use quotation marks around the phrase.
    Ex."system administration"
  • And:Returns all topics that contain all the words in the search criteria, in any combination. Insert a plus sign between all words in the search criteria.
    Ex.system + administration
  • Or:Returns all topics with any combination of words in the search criteria. This is the default.
    Ex.system administration
For more information:Searching Online Help

Active Directory Groups Subtask

Use this subtask to load Active Directory (AD) groups to Costpoint from a pre-generated CSV file.

Use this subtask if you are planning to enable Managing Groups in Active Directory feature for your organization and you are using Single Sign-On (SSO) authentication methods (such as Single Sign-on, Single Sign-on or Active Directory, Single Sign-on or Database, Windows Domain and Active Directory, and Windows Domain and Database). For these SSO methods, the AD groups are retrieved right at login, but the Kerberos ticket (which is used to authenticate a user in an SSO mode) does not have user assigned group names. Instead, the ticket contains group security identifiers (SIDs). Therefore, you have to create a mapping between AD group names and group SIDs on this subtask. The mapping on this subtask will display in the lookup of the Active Directory ID (sAMAccountName) field on the Manage User Groups main screen.

For the Active Directory authentication method, the user’s assigned AD groups (and group names) are retrieved from the AD server and synchronized at login. While you are not required to create a mapping between AD group names and group SIDs for this method, you can still load this subtask and the mapping created here will also be available in the lookup of the Active Directory ID (sAMAccountName) field on the main screen.

Attention: For more information on managing user groups in Active Directory, refer to the Deltek Costpoint 7.1.1 Security document.

Contents

Fill in the fields on this subtask only after you have exported AD group names and group SIDs into a CSV file and uploaded this file into Costpoint using the File Upload Manager function or manually copied the file into a file location that is available to Costpoint.

Field Description
File Location Enter, or click to select, the location of the previously generated and uploaded/copied CSV file.
File Name Enter, or click to select, the name of the CSV file to be loaded.
Duplicate Groups Select how duplicate groups should be processed on loading groups:
  • Skip: Select this option if you want Costpoint to skip the duplicate AD group upon loading.
  • Override: Select this option if you want Costpoint to override the initial AD group when a duplicate is detected upon loading.
  • Error: Select this option if you want Costpoint to display an error message when loading duplicate groups.
Load Click this button to load AD groups from the selected export file and create a mapping between the AD group names and group SIDs.
Clear Click this button to clear the AD groups mapping data.

Active Directory Groups

When you click Load, Costpoint automatically populates this table window with the AD group names and group SIDs from the file you uploaded. You can edit or delete records on this table window. You can also click to add a new line/record.

Field Description
Active Directory ID (sAMAccountName) Enter an Active Directory ID.
Active Directory SID (objectSid) Enter an Active Directory SID.

After you have created a mapping between AD group names and group SIDs, you must update the mapping between the Costpoint user group and the Active Directory group. In the Active Directory ID (sAMAccountName) field on the Manage User Groups main screen, enter, or click to select, the Active Directory ID (sAMAccountName) value from this subtask.