Latest version:
Get help
WhatsApp: +31 (0)623684723

Articles in this section

Follow

Step 2. Azure AD synctool configuration UI

Created:
Updated:

Table of Contents


Introduction

In this step, we’ll configure the synctool so it can connect both to AD and the Workspace. 

All the data you have collected in step 1 can be filled in the configuration UI tool. You can find this tool in the downloaded Workspace 365 synctool folder. When you unzip the folder, the name of the file is: NDAW.AzureActiveDirectorySync.ConfigurationTool.

 

Configuration UI synctool

Let's get started

To disable the welcome page, uncheck checkbox on the bottom. You can change the default language to ‘Nederlands’ or ‘English’. Click ‘Next’ to continue.

lets_get_started.PNG

Back to top

 

Connect to Azure AD

In the "Connect to Azure AD" screen, at the top you can open the 'Synchronization settings' (this will be explained later on in this article) or open 'Help' to be redirected to the Workspace 365 support website for support regarding the Azure AD synctool.

To connect the AAD synctool to the AAD (Azure Active Directory), fill in the following data:

  • Tenant ID
  • Tenant name
  • Application (client) ID
  • Client secret (value)

connect_to_AAD.PNG

Click ‘Next’ when all information is entered. Here the connection to the entered information/Azure AD will be validated.

Back to top

 

Environment settings

To add a new environment, fill in the following:

  • Your Workspace site URL
  • Environment name
  • Sync API authentication token

environment_settings.PNG

At the Workspace site URL, you will have to enter the base URL. This is the workspace base URL where all the environments are hosted on, mostly: https://{companyname}.workspace365.net.

Be aware that the environment name has to be exact the environment name in Workspace 365. This can be retrieved from the Workspace 365 URL (e.g. https://portal.workspace365.net/john -> john).

The environment name must be lower case.

The sync API authentication token can be retrieved from the Workspace 365 environment (Users & groups > Active Directory). 

On this same page, you can choose the desired filtering options. If you leave both unchecked, domain- and group filtering, it will sync all users and groups.

Click on 'Save' when you're done. 

Back to top

 

Domain filtering

If you want to enable domain filtering, check the "enable domain filtering" checkbox. This will expand and show all domains and subdomains within the current domain.

domain_filtering_2.PNG

You can make a selection of the desired domains you want to sync. All users with the domain prefix selected will be synced in this case:

Will not be synced:

Back to top

 

Group filtering

If you want to enable group filtering, check the "enable group filtering" checkbox. This will expand and show all groups within this current domain.

We do not support nested groups. We do sync the group objects but not the user objects to the workspace. Make sure all users are synced via other groups or a specific Workspace user group.

group_filtering_2.PNG

Here you can make a selection of the desired groups you want to sync. All users within the selected group and the group itself will be synced in this case:

  • All members of ‘Anton League’
  • All members of ‘prefix1demo_1’
  • Group ‘Anton League’
  • Group ‘prefix1demo_1’

Will not be synced:

  • All other groups that are unchecked including the users

Back to top

 

Domain- and group filtering

It is also possible to combine both, domain- and group filtering, as shown below:

domain_group_filtering.PNG


We have the following active directory structure:

 

If domain filtering is enabled and the following checked:

  • onmicrosoft.com

If group filtering is enabled and the following is checked:

  • Anton League
  • prefix1demo_1


The following users and groups will be synced:

  • All members of ‘Anton League’ with the ndawdev.onmicrosoft.com domain
  • All members of ‘prefix1demo_1’ with the ndawdev.onmicrosoft.com domain
  • Group ‘Anton League’
  • Group ‘prefix1demo_1’

Will not be synced:

  • All other groups and domains that are unchecked including the users

Back to top

 

Synchronization settings

Click on preferences to open the synchronization settings menu. 

You can set the synchronization time to ‘Periodical’ or ‘Once a day’.  If you choose to set the synchronization type to ‘Periodical’ you need to define the interval in hours and/or minutes.

If you choose to set the synchronization type to ‘Once a day’, you need to define at which time you want to run the sync.

synchronization_settings.PNG

Back to top

 

Clear cache

The admin tokens of previous syncs/connections will be cleared and renewed when choosing Clear cache. This option will clear user- and group history. 

We do not recommend clearing the cache as first solution (especially not in large environments).

Do you make use of group-/domain filtering? After clearing the cache and restarting the service, you may need to turn off filtering entirely and turn it on again, to fix possible sync issues.

Proceed to step 3

Back to top

Was this article helpful?

Have more questions? Submit a request

Related articles

Can't find what you're looking for?



Deal reg.


Get help


WhatsApp

Get help
Latest version:
Contact

Phone: +31 (0)30 - 711 67 25
WhatsApp: +31 (0)6 -23 68 47 23

Berencamperweg 6D
3861MC Nijkerk