Skip to main content
ZenHub houses documentation to support you if you’re using Contensis Classic. Contensis Classic includes our WYSIWYG and templating features. If you’re working with a newer version of Contensis, is your go-to place to find anything Contensis-related when building with content types.
The R83 documentation is unmaintained. There is a newer version of Contensis. Click to find out more and download the latest version.

Configure Active Directory update

if you are running Active Directory (AD) in your organisation, you can set up Contensis to integrate directly with it. Users don't need to remember multiple passwords, administrators don't need to set up extra user accounts for everyone to be able to login to Contensis and everyone can login automatically to Contensis if they are logged into their computer on the domain whilst using Internet Explorer.

The AD service will run by default at a pre-specified time. The steps listed here are how you can change the settings to better suit your needs. All settings below need to be changed in the Global Settings area which can be found by clicking on View Management Console in the Project Explorer window.

You must restart the application cache after making changes to these settings for your changes to be carried over to the published website.



This setting specifies whether the AD update process is enabled or not. By default it is turned off. The following global settings are shared with the Active Directory Synchronisation service.


This setting is the domain that your Active Directory install is running on. We strongly recommend you use the pre windows 2000 version of your domain or the short domain in this setting. So our AD domain is so our setting is set to Contensis.


This is the user name that will be used to read the Active Directory listings and carry out the synchronisation. This user needs read privileges in the domain. We would recommend this user not have an expiring password as synchronisation might stop without notice.


This is simply the password for the user above.

Specify the AD user properties to update in Contensis

If the AD Update is turned on, the following properties are updated on the corresponding AD user record by default:

  • Account Disabled
  • Account Locked
  • Email Address
  • Title
  • First Name
  • Last Name
  • Telephone Number
  • Job Title
  • Department
  • Division (mapped to company name in Contensis)

Any of these fields can be excluded from the AD update by changing the value of the DirectoryServices_DisabledActiveDirectoryProperties_CMStoAD setting in Global Settings. The value of this setting is a bit field array but rendered as a decimal.

To set the value, refer to the following list:

  • None = 0
  • Account Disabled = 1
  • Account Locked = 2
  • Email Address = 4
  • Title = 8
  • First Name = 16
  • Last Name = 32
  • Telephone Number = 64
  • Job Title = 128
  • Department = 256
  • Division = 512
  • Password Never Expires = 1024

An example value of 192 => (64+128) would disable the update of the Job Title and Telephone Numbers.

Custom mappings

There are two settings that allow you to customise the AD Update behaviour, DirectoryServices_ADToCMSMappings and DirectoryServices_ADToCustomMappings. These settings are both also used by the AD Synchronisation service to update Contensis user records from AD. For further information see Active Directory integration Custom Mappings.

User profile field accessibility

In the following screens:

  1. The User Profile screen of the CMS
  2. A published web page which has the User profile web control
  3. A published web page which has the Who’s Who Record web control (applies only if your CMS has the Who’s Who module)

the following fields

  • First Name
  • Last Name
  • Telephone number
  • Job Title
  • Company Name

will be disabled if either:

  1. The AD Update is enabled, and the field is included in the global setting DirectoryServices_DisabledActiveDirectoryProperties_CMStoAD
  2. The AD Update is not enabled, AD Synchronisation is enabled, and the field is not included in the global setting DirectoryServices_DisabledActiveDirectoryProperties.

Note: The above fields are not disabled in the User Management screen of the Management Console.

Make changes to global settings

When any of the above global settings are changed in the CMS, you will need to:

  1. In the Management Console / Project Setup / Publishing Servers screen, click on CMS Config for the relevant publishing server, and then click Save and Publish. This will ensure that the global settings are updated on the publishing server.
  2. Restart the application pool for the relevant published website in IIS on the publishing server. This will ensure that any pages in the published website use the new global settings.
  3. Any users of the CMS will need to click Reset Application Cache (in the Management Console) for the new global settings to take effect on the CMS User Profile screen.

Save changes

You need to restart the Active Directory service each time you update the settings above. This ensures the new configuration options get picked up by the service and everything works as you intended.