Home
Documentation
Partner Portal
TeamViewer
Hi ,
Welcome to the Support Portal. How can we help?
Submit ticket Submit Change Request Submit Feature Request

Articles in this section

Follow

Step 3. Azure AD synctool configuration UI

Created:
Updated:

Table of Contents


Introduction

In this step, we’ll configure the synctool so it can connect both to AD and the Workspace. 

All the data you have collected in the first two steps can be filled in the configuration UI tool. You can find this tool in the downloaded Workspace 365 synctool folder. When you unzip the folder, the name of the file is: 
xe2.png

 

Configuration UI synctool

Let's get started

To disable the welcome page, uncheck checkbox at the bottom of the page. You can change the default language to Nederlands or English. Click Next to continue.

lets_get_started.PNG

Back to top

 

Connect to Azure AD

To connect the Azure AD synctool to Azure Active Directory, fill in the fields below. Click Next when all information is entered. Here, the connection to the entered information/Azure AD will be validated.

  • Tenant ID
  • Tenant name
  • Application (client) ID
  • Client secret (value)

connect_to_AAD.PNG

Back to top

 

Environment settings

To add a new environment, fill in the following and click on 'Save' when you're done: 

  • Your Workspace site URL: this is the workspace base URL where all the environments are hosted on, mostly 'https://{companyname}.workspace365.net'.
  • Environment name: this must match exactly with the environment name in Workspace 365 and can be retrieved from the Workspace 365 URL, e.g. 'https://portal.workspace365.net/john -> john'.
  • Sync API authentication token: this can be retrieved from the Workspace 365 environment 'Users & groups > Active Directory' (Step 2).  

The environment name must be lower case.

environment_settings.PNG

Back to top

 

Filtering

Accidently included the wrong group and/or domain in filtering? No worries! You may follow these steps:

  1. Uncheck the checkbox for that specific group and/or domain.
  2. Click 'Save'. 
  3. Wait for the periodical sync to begin and has finished, or restart the synctool service yourself.

The corresponding users will then be automatically removed and won't be able to sign into Workspace. The removed users will be present under the "deleted users" list under 'User Management' and will be removed permanently after 30 days (of course these users will not be deleted from Office 365!).

Changed your mind or want to add to a specific group and/or domain? Follow these steps:

  1. Check the checkbox for that specific group and/or domain.
  2. Click 'Save'. 
  3. Wait for the periodical sync to begin and has finished, or restart the synctool service yourself.

The corresponding users will be now be added to the Workspace environment.

 

Domain filtering

You can choose the desired filtering options. If you leave both unchecked, domain- and group filtering, it will sync all users and groups.

If you want to enable domain filtering, check the enable domain filtering checkbox. This will expand and show all domains and subdomains within the current domain.

domain_filtering_2.PNG

You can make a selection of the desired domains you want to sync. All users with the domain prefix selected will be synced in this case:

  • johndoe@ndawdev.onmicrosoft.com
  • carter@ndawdev.onmicrosoft.com

Will not be synced:

  • bay@subdomain.ndawdev.onmicrosoft.com

Back to top

 

Group filtering

If you want to enable group filtering, check the enable group filtering checkbox. This will expand and show all groups within this current domain.

We do not support nested groups.

group_filtering_2.PNG

Here you can make a selection of the desired groups you want to sync. All users within the selected group and the group itself will be synced in this case:

  • All members of ‘Anton League’
  • All members of ‘prefix1demo_1’
  • Group ‘Anton League’
  • Group ‘prefix1demo_1’

Will not be synced:

  • All other groups that are unchecked including the users

Back to top

 

Domain- and group filtering

It is possible to combine both, domain- and group filtering, as shown below:

domain_group_filtering.PNG


We have the following active directory structure:

  • 24631 development
    • johndoe@ndawdev.onmicrosoft.com
  • Anton League
    • rhodes@ndawdev.onmicrosoft.com
  • App search
  • prefix1demo_1
    • carter@ndawdev.onmicrosoft.com
    • bay@subdomain.ndawdev.onmicrosoft.com

 

If domain filtering is enabled and the following checked:

  • onmicrosoft.com

If group filtering is enabled and the following is checked:

  • Anton League
  • prefix1demo_1


The following users and groups will be synced:

  • All members of ‘Anton League’ with the ndawdev.onmicrosoft.com domain
    • rhodes@ndawdev.onmicrosoft.com
  • All members of ‘prefix1demo_1’ with the ndawdev.onmicrosoft.com domain
    • carter@ndawdev.onmicrosoft.com
  • Group ‘Anton League’
  • Group ‘prefix1demo_1’

Will not be synced:

  • All other groups and domains that are unchecked including the users

Back to top

 

Synchronization settings

Click on preferences to open the synchronization settings menu. 

You can set the synchronization time to Periodical or Once a day.  If you choose to set the synchronization type to 'Periodical' you need to define the interval in hours and/or minutes. If you choose to set the synchronization type to 'Once a day', you need to define at which time you want to run the sync.

synchronization_settings.PNG

Back to top

 

Clear cache

We do not recommend clearing the cache as first solution (especially not in large environments). Please contact support when you're in doubt.
If groups are not being synced accordantly, try disabling filtering first and run a full sync before you clear the cache. When the sync is complete, you can enable filtering again and sync the selected groups.

So what is a clear cache? The admin tokens of previous syncs/connections will be cleared and renewed when choosing "Clear cache". So this option will clear the user history. If users are not being updatet or added to specific groups, clearing the cache may fix this issue. To clear the cache, follow these steps:

  • Make sure the checkbox of the synctool is enabled in Workspace.

enablesync.png

  • Stop the synctool service. This way, you make sure the synctool button won't trigger while executing the clear cache.
  • Select the “Clear cache” button and press “Ok”.
  • Run the synctool manual in the synctool directory as an administrator.


service.png

  • Wait until the user is added to the Workspace.
  • Start the synctool service.
Did you clear cache and had group-/domain filtering enabled and now experiencing problems? You may need to turn off filtering entirely and run a full sync to fix possible issues.

Proceed to step 4

Back to top

Was this article helpful?

Have more questions? Submit a request

Related articles

Contact


Phone: +31 (0)30 - 711 67 25
WhatsApp: +31 (0)6 -23 68 47 23

Berencamperweg 6D
3861MC Nijkerk

About us


Workspace 365
Terms and conditions
SLA
Latest version:

Follow us