Enable VMware People Search and map the Active Directory attributes required to retrieve information about employees, including profile pictures and management hierarchy.

Prerequisites

A list of the Active Directory attributes that must sync to the directory to create the searchable user profiles and organizational hierarchy. The attributes that are required to be mapped are title, managerDN, and distinguishedName.

The attributes that can be mapped are listed in the People Search attributes table. To sync the user's image to the directory, the Active Directory attribute thumbnailPhoto must be pre-populated with the users thumbnail photo.

Attributes that can be configured for People Search
userName lastName firstName
email address alternatePhoneNumber
businessUnit costCenter country
locality managerDN mobile
phone physicalDeliveryOfficeName postalCode
region telephoneNumber title
userPrincipalName distinguishedName socialcast
slack linkedInProfileUrl imageURL
Important: Customer that were using People Search during Beta before the VMware Identity Manager 3.1 release must re-enable the People Search Attribute to generate the People Search OAuth2 template. You can set the default access time to live values in the template.

Procedure

  1. In the administration console Catalog tab, select Settings > People Search.
  2. Select Enable People Search and click Next.
  3. In the page that displays, select the directory to configure for People Search.
  4. Review the attribute list and select attributes to reflect which attributes to map to the Active Directory attributes and click Next.
    To sync the photo profiles from the thumbnailPhoto attribute in the Active Directory, select the imageURL attribute.
  5. Map the attribute names listed to the Active Directory attributes.
  6. If the VMware Identity Manager service is not already configured to sync all users, specify the DN to sync all users. For example, enter CN=Users,DC=example,DC=com.
    To use the People Search application successfully, sync all users in your organization to the directory.
    The directory sync profile you configured is added to the Directory > Sync Settings > Users sync list.
  7. Click Save and Sync.
    The Active Directory attributes sync to the directory.

What to do next

To change the access time-to-live, the refresh token time-to-live, and the idle token time-to-live, go to the Catalog > Settings > Remote App Access > Templates page. Edit PeopleSearchOAuth2Template. See Creating Clients for Remote Application Access.

Add VMware People Search as a public application in the AirWatch console. See the VMware People Search Admin Guide on the AirWatch Resources site.