Role Required
Owner, Administrator, User Manager.
Overview
Use Directory Sync to synchronize users from different sources. At this phase, we are only supporting Azure Active Directory (AD) sync.
Azure Active Directory Sync Workflow
Sync a new directory by going to Directory Subscription.
Full Sync
-
Go to Directory Subscription. Click New Active Directory in the top right-hand corner of the Directory Sync page.
-
Click Authorize to authorize the sync under Azure Active Directory → Azure Active Directory tab.
Result: The Microsoft Sign in page displays.
-
Log in to your Microsoft Global Admin account by entering your password.
-
Click Accept to accept the requested permissions.
Result: The AuthX portal displays.
-
If required, change the AD attribute accordingly and click Save.
-
Select desired groups. (Multiple groups may be selected.)
Note: To fetch groups, type at least four characters for the group name in the Selected Groups section.
-
Click Full Sync.
Result: When the sync completes, the groups will display in the AuthX portal.
-
After the directory sync is complete, all synced users display in the Users grid with the following details:
-
User Status: Active
-
Source Type: AdSync
Result: The synced Groups and User Count will display in the Groups grid.
Is Sign in Blocked on AD
If a user’s sign-in is blocked on the Azure portal, selecting this checkbox will deactivate the user on the AuthX portal.
Go to the AuthX Portal and select the Is Sign in Blocked on AD checkbox.
2. Click Full Sync.
Result: The User will show as inactive on the User page.
4. Go to Directory Subscription and click Edit Group Status. Select the Send Enrollment Email to the Newly Synced Users checkbox and click Full Sync.
Result: All synced users will receive an enrollment email. Users can then enroll and activate their accounts themselves.
Deactivating User – Synced User
Admins cannot deactivate a synced user in the system. The user can only be deactivated in the Microsoft Azure directory where they were initially synced from.