Azure AD sync introduction
Table of Contents
Our synctool is a tool to automatic synchronization of users and groups changed in Azure to the Workspace. It’s different from the Azure AD synctool. The difference between them is that the Azure AD synctool syncs all the information from Office 365 to Azure. Our synctool syncs the information between Azure to Workspace 365.
The synctool and support is only available to our partners. The tool can be downloaded from our Downloads page (Technical --> Downloads). You must be logged in to our support portal in order to see the Downloads section.
Dataflow between AAD and the Workspace
The goal of the Azure Active Directory synctool is to transmit users, user groups and group membership information from Azure Active Directory to Workspace 365. The following diagram describes the general architecture of Azure Active Directory sync to Workspace 365.
The data flow is unidirectional – data is coming from Active Directory through the AD synctool into Workspace 365 API and ends up in Workspace 365 database.
AD synctool periodically queries the Active Directory for changes, and calls Workspace 365 API to process them. Synctool is implemented either as console application or Windows service.
In general case, AD synctool is installed on a different server than Workspace 365 web application, though it is possible but not recommended keeping them on a single server. In case of different servers, it is required to be able to establish HTTPS connection between AD synctool and Workspace servers.
To configure the whole process, three actions are required:
- Configure Active Directory so AD tool can access the information in it.
- Configure Workspace 365 so its API accepts information from the synctool.
- Configure synctool so it can connect both to AD and Workspace 365