ADMS Setup (Legacy)

Once the install process is finished and before we can start the service we need to complete the set up by entering the configuration details into the configuration application, the Directory Sync Manager.

The first time you open the Directory Sync Manager you will see a warning about there being no configuration file. The following steps will address this.

IMPORTANT: Complete and save the configuration file before you start the service!

Configuration information

This consists of the following areas to configure:

  1. Server Domain details
  2. Organizational Units
  3. Groups
  4. Student settings
  5. Staff settings (if applicable)

Launching the interface application

Browse to the installation folder and launch the DSManager.exe application to configure the synchronisation settings.  By default the installation folder is C:\Program Files (x86)\KAMAR\KDMS

Setup warnings

Below is the warning you will see when running the Directory Sync Manager for the first time.  This is the warning you will see when no configuration file has been detected.
You can safely dismiss this as we are about to create this file.


Directory Synchronisation Manager

We are now ready to start entering the domain details and configuration settings.

Domain and Server Settings

Enter the target Domain name.  This is NOT the server name or IP address.  It is the actual name of the domain to which users will become members.
Example below has the domain name highlighted in the 'Active Directory Users and Computers' interface

Port Setup

Select the port you wish the service to listen on and whether you are using SSL to secure the connection. 

Note: if you want to use SSL you will need to ensure a security certificate is assigned to the desired port. The service does not install security certificates. 

Authentication String

Click the "Generate ID" button to produce an authentication string and populate the Instance ID field.  Copy and paste this string into the "Authentication" field when configuring the service on the Directory Services tab in KAMAR. 

This string cannot be manually entered and has to be produced by the service.

KeyStore (Password hash)

The 'KeyStore' (by default the pager field) is legacy support for the old 'Network Users' service.  It stores a non-reversible hash of the password stored in KAMAR.  It can be disabled by unchecking the checkbox.

Network Users used this field to store a non reversible hash of the KAMAR password last used to create or update a user's account by this service. Each time the service ran it would compare the contents of the pager field to a hash of the current KAMAR password to decide whether they match. 

KDMS does not use this but other third party applications do so when a password is set the hash will be written to one of the 3 options.

OU Configuration

In this section you can assign your own names to the main organizational units that contain your users and groups.  By default staff users (if included in the sync) will be placed in an organizational unit based on their classification.  Students will be placed in an OU based on their year level although you can change the format of this using the dropdown.

Group Configuration

Timetable Subjects
This option will create groups based on timetabled subjects with one group for each subject.  This is an aggregation of the classes below.

Timetable Classes
This option will create a group for each class of every subject.

Staff and Students
Will create groups for each user type.  Note: Staff have to be enabled as part of the sync for the staff group to be created. 

KAMAR Groups
This option will add the groups created in the KAMAR Groups area to your directory.

Staff Departments
Will create staff groups based on staff department and classification if staff sync is enabled.

Student Year Level
Default grouping of student users.  Not optional.

Empty groups
This setting decides what action to take when the service encounters an empty managed group.

Move group to empty folder
any managed group with no users will be moved to the "Zero Members" OU to allow it to be used again when a new member is added and preserve any rights. 

Delete group from directory
any managed group with no users will be deleted from the directory and recreated if required again.

Set email
Checking this box will set the email address of managed group to be the group name and the domain shown. By default it will be the same as the domain entered earlier but this can be customised. 

Note: It is only ever set at group creation as there is no information stored in KAMAR other than their name.

User Configuration

Common Name (CN)
There are 14 different preset formats to select from the dropdown.
Note: as the Common Name (CN) cannot repeat in an OU you should select an option that will ensure 'uniqueness' to avoid conflict.

Display Name
There are 4 different preset formats to select from the dropdown

UPN Suffix
Here you can enter an explicit suffix if you wish. If not filled in or left blank the suffix will default to the domain name (implicit).

Description (New in 1.0.13)
Custom description and be added here en mass.  Can add any of the place holders listed below.
Note: Individualised descriptions can be added in the 'Alt description' field within KAMAR.

Home Drive
Select the drive letter and path for the users home drive.  Can add any of the place holders listed below to the path.

Logon Script
Select the path for the location of the users logon script.  Can add any of the place holders listed below.

Profile Path
Select the path for the location of the users profile.  Can add any of the place holders listed below.

Each of these will be swapped out with the actual data for the user in the fields mentioned above:

  • "<first>"  = First name
  • "<first1> ... <first8>" = Number of characters (first through to eighth) of first name 
  • "<last>"  = Last name 
  • "<last1> ... <last8>" = Number of characters (first through to eighth) of last name 
  • "<cname>" or "<cn>" = Common name based on selected configuration 
  • "<username>" = Username as it appears in KAMAR 
  • "<nsn>" or "<nsi>" = NSN/NSI number for students only 
  • "<tutor>" = Student tutor 
  • "<year>" or "<yearlevel>" = Student's current year level 
  • "<id>" or "<code>" = Student ID  or Teacher code 
  • "<moe>" = Teacher MoE number Requires KAMAR version 912.25 or higher 

e.g. the path "\\StuFileServer\Year<yearlevel>\<username>" would be shown as "\\StuFileServer\Year12\bjohns.90185" in AD if the students year level was 12 and their username bjohns.90185

External Scripts
External Scripts can be set up with both batch and vb scripts. These scripts can then be set up to run on four actions (four for students and four for teachers). 

For more information on External Batch Scripts, please click the following link:

External Batch Scripts

Password Management: (optional)
Update directory with KAMAR password changes

You can set it so the sync keeps the directory password the same as KAMAR.  If you choose this option then the password will be set to never expire and the user will not be able to change it on the network. These settings are mandatory if the password is to be maintained from KAMAR. KAMAR will become the authority for password management.

Set Password on account creation

You can use this to set the initial password and whether it has to be changed at first logon (optional) when the service first creates an account.  Once the account has been created the password will not be changed by KAMAR or the service unless a 'Password Reset' from KAMAR is performed.  This is a new feature in KAMAR version 912.23. The initial password can be set to one of the three values below:

  • <username>
  • <id>
  • <KAMAR password>

Password Reset

Password Reset is a new function available in KAMAR version 912.25 that will allow anybody with access to force a password change if the settings have been configured in the Directory Sync Manager for KAMAR to manage passwords.  It is designed to allow teachers to reset student passwords from KAMAR.

Student Leavers
There are 2 options to deal with leavers - Move user to left folder and disable a/c or Delete user from directory. If you opt to move leavers they will be placed in the "Left" organizational unit within the Student or Staff organizational unit

User information will continue to be sent for 21 days after the leaving date.  After this grace period the user's information will not be sent and this triggers the above action.

Enabling Staff Sync
By default staff are not included in the sync.  To enable the sending of staff details, check the "Include Staff in Sync" checkbox and configure as per above.

Saving Settings

Once you entered all your desired settings you can save these changes by going to File → Save.  You can now start the service by clicking on the "Start" button

The service is now running in the back ground awaiting a connection from KAMAR.

To test your set up, in KAMAR, go to the "Setup → KAMAR → Server → Directory Services" tab making sure that the service has been added and configured then "Check" the connection to ensure it is working.

Have more questions? Submit a request