Azure AD sync introduction
Table of Contents
Our synctool is a tool to automate synchronization of users and groups changes in Azure AD to Workspace. It’s different from the Azure AD synctool. The difference between them is that the Azure AD synctool syncs all the information from Office 365 to Azure. Our synctool syncs the information between Azure AD to Workspace 365.
Dataflow between AAD and the Workspace
The goal of the Azure AD synctool is to transmit users, user groups and group membership information from Azure AD to Workspace 365. The following diagram describes the general architecture of the synchronization process.
The data flow is unidirectional – data is coming from Azure AD through the AD synctool into Workspace 365 API and ends up in the Workspace 365 database.
The AD synctool periodically queries the Azure AD for changes and calls Workspace 365 API to process these changes. The synctool is implemented either as a console application or Windows service.
In general, the AD synctool is installed on a different server than the Workspace 365 web application, though it is possible (but not recommended) keeping them on a single server. In case of different servers, it is required to be able to establish a HTTPS connection between AD synctool and Workspace servers.
To configure the whole process, three actions are required:
- Configure Azure AD so that the AD tool can access the information.
- Configure Workspace 365 so its API accepts information from the synctool.
- Configure synctool so it can connect to both Azure AD and Workspace 365.
Proceed to step 1.