Latest version: v2.46

Using the Azure Active Directory Synctool Configuration UI

Click the link below for the full documentation on how to configure the AAD synctool:

 

Be aware that you need to install Microsoft SQL Server Compact 4.0
https://www.microsoft.com/en-US/download/details.aspx?id=17876

All current settings of the synctooldb.sdf can be set by using the Configuration UI tool. After you are done with configuring, you need to copy the database to the desired running app folder: WindowsService or the Console app. The database is stored in: locationofsynctool\Configuration UI\DataBase\syncToolDB.sdf

If Active Directory Sync tool is already running, please restart it so it will read the updated settings.

To run the app open ActiveDirectorySyncConfigurationTool.exe from the Configuration UI folder.

At first you'll see a welcome page. To disable the welcome page, disable the checkbox on the bottom. You can change the default language in ‘Nederlands’ or ‘English’. Click ‘Next’ to continue.

The connect to Azure AD screen will be displayed. On the top you can open the ‘SYNCHRONIZATION SETTINGS’ or open ‘HELP’. Later on this documentation we will describe the  ‘SYNCHRONIZATION SETTINGS’ menu. Click ‘HELP’ to open the Workspace 365 support website for support regarding the Azure AD synctool.

To connect the AAD Synctool to the AAD(Azure Active Directory), fill in the following data:

  • Tenant ID
  • Tenant name
  • Client ID*
  • Client Secret Key

 

*Be aware that Client ID is from the "old" Azure portal(manage.windowsazure.com). In the "new" Azure portal(portal.azure.com) the Client ID is "Application ID".

 

Click ‘Next’ when all information is entered. Here the connection to the entered information/Azure AD will be validated.

When the information is correct and the connection to the Azure AD is established, you will see the ‘Environment’ screen. To add a new environment, click ‘Add new’ on the left, or the plus button in the middle.

On the left you see the Environment overview. All created environments will be displayed here. You can delete or add new environments.

When an environment is added, you will see the Environment settings page in the middle. Fill in the Environment name.

Be aware that this has to be exact the environment name in Workspace 365. This can be retrieved from the Workspace 365 URL(e.g. https://portal.workspace365.net/john).

Fill in the Sync API authentication token, this can be retrieved from the Workspace 365 environment.

 

Within the Environment settings page you can choose the desired filtering options. If you leave both, domain and group filtering disabled, it will sync everything. All users and groups.

 

Domain filtering

If you want to enable domain filtering, enable the domain filtering checkbox. This will expand and show all domains and subdomains within the current domain.

Here you can make a selection of the desired domains you want to sync. All users with the domain prefix selected will be synced in this case:

  • johndoe@ndawdev.onmicrosoft.com
  • carter@ndawdev.onmicrosoft.com

Will not be synced:

  • bay@subdomain.ndawdev.onmicrosoft.com

If the ‘Clear cache on save’ checkbox is checked, the Admin tokens of previous syncs/connections will be cleared and renewed.

If you are done with configuring click ‘Save’.

 

Group filtering

If you want to enable group filtering, enable the group filtering checkbox. This will expand and show all groups within this current domain.

Here you can make a selection of the desired groups you want to sync. All users within the selected group and the group itself will be synced in this case:

  • All members of ‘Anton League’
  • All members of ‘prefix1demo_1’
  • Group ‘Anton League’
  • Group ‘prefix1demo_1’

Will not be synced:

  • All other groups that are unchecked including the users

If the ‘Clear cache on save’ checkbox is checked, the Admin tokens of previous syncs/connections will be cleared and renewed.

If you are done with configuring click ‘Save’.

 

Domain and Group filtering

It is also possible to combine both, domain and group filtering. Here you need to enable both checkboxes.

We have the following active directory structure:

  • 24631 development
    • johndoe@ndawdev.onmicrosoft.com
  • Anton League
    • rhodes@ndawdev.onmicrosoft.com
  • App search
  • prefix1demo_1
    • carter@ndawdev.onmicrosoft.com
    • bay@subdomain.ndawdev.onmicrosoft.com

 

If domain filtering is enabled and the following checked:

  • onmicrosoft.com

If group filtering is enabled and the following is checked:

  • Anton League
  • prefix1demo_1

 

The following users and groups will be synced:

  • All members of ‘Anton League’ with the ndawdev.onmicrosoft.com domain
    • rhodes@ndawdev.onmicrosoft.com
  • All members of ‘prefix1demo_1’ with the ndawdev.onmicrosoft.com domain
    • carter@ndawdev.onmicrosoft.com
  • Group ‘Anton League’
  • Group ‘prefix1demo_1’

Will not be synced:

  • All other groups and domains that are unchecked including the users

 

If the ‘Clear cache on save’ checkbox is checked, the Admin tokens of previous syncs/connections will be cleared and renewed.

If you are done with configuring click ‘Save’.

 

Synchronization settings

If you will open the preferences, the synchronization menu will open. Here you can set the synchronization settings.

You have to enter the base URL. This is the workspace base URL where all the environments are hosted on. Mostly: https://{companyname}.workspace365.net.

Furthermore you can set the synchronization time to ‘Periodical’ or ‘Once a day’.  If you choose to set the synchronization type to ‘Periodical’ you need to define the interval in hours and/or minutes.

If you choose to set the synchronization type to ‘Once a day’, you need to define on which time you want to run the sync.

 

 

 

 

Have more questions? Submit a request

Comments