This article applies to TeamViewer customers with a Premium or Corporate license.
The TeamViewer AD Connector (Active Directory Connector) helps administrators to create and setup TeamViewer accounts easily and centrally for all employees in a company via Active Directory without the need of adapting and using scripts and programming knowledge.
To use this feature you need
You can download the AD Connector from our website on our Integrations site.
To run the program, please un-zip the file and double-click the Configure TeamViewer AD Connector.bat file.
The TeamViewer AD Connector has two main areas such as Configuration and Scheduled task
The configuration UI provides the following features:
The configuration UI requires to be run with elevated user rights to be able to install and
uninstall the scheduled task. The script automatically asks for elevated rights (if required).
These are the available configuration parameters of the TeamViewer AD Connector
|Api token||The TeamViewer API access token that is used for accessing the TeamViewer company user directory. You can create the script token in the Management Console --> Edit profile --> Apps --> Create script token. You only need the permission View, create and edit users for User Management:|
The LDAP identifier (without the leading `LDAP://` protocol scheme) of the AD groups used for the synchronization.
You do not need to run the AD Connector on a Domain Controller. All computers that are part of the domain can access the list of AD groups.
The two-letter language identifier used as default language for newly created TeamViewer users. For example it is used to localize the "Welcome" email.
The initial password used for newly created TeamViewer users.
If set to `true` the synchronization will not modify any TeamViewer user resources but instead only log the actions that would have been executed.
|Deactivate TeamViewer Users that are not members of the AD group||
If set to `true` TeamViewer users that are not member of the selected AD group will be disabled
|Include users of nested AD groups||
If set to `true` users of nested AD groups will be included
The scheduled task will be created with the specified interval as:
...\TeamViewer\TeamViewer AD Connector
Output of the scheduled task is redirected to the specified log file location.
You can set the interval for the task as you like. The interval is currently on a hourly base.
The actual synchronization is done by the Invoke-Sync.ps1 script in the TeamViewerADConnector directory using the following logic:
Identification of users is done based on the email addresses.