Hi ,
Welcome to the Support Portal. How can we help?
Follow

Azure AD sync introduction

Table of Contents

 

Introduction

Our synctool is used to automate synchronization of users and groups changes in Azure AD to Workspace. It’s different from the Azure AD synctool. The difference between them is that the Azure AD synctool syncs all the information from Local Active Directory to Azure. Our synctool syncs the information between Azure AD to Workspace 365.

Tip: if you encounter any problems during the setup or running the synctool, check out our troubleshooting section and FAQ

 

Download

The synctool and support is only available to our partners.

The synctool can be downloaded from our Downloads page. You must be logged in to our support portal in order to see it. We recommend downloading the latest version

 

Requirements

There are a few requirements:

  • Workspace check's for the user's UPN. Changing the UPN during synchronization may cause problems.
  • Users in your AAD must be assigned a first- and last name.

Keep in mind that:

  • Users from distribution lists and/or mail-enabled security groups cannot be imported. 
  • Users from Nested Groups cannot be imported.

 

Dataflow between AAD and the Workspace

The goal of the Azure AD synctool is to transmit users, user groups and group membership information from Azure AD to Workspace 365. The following diagram describes the general architecture of the synchronization process.

 

Workspace_365_AAD_Synctool.png

The data flow is unidirectional – data is coming from Azure AD through the AD synctool into Workspace 365 API and ends up in the Workspace 365 database.

The AD synctool periodically queries the Azure AD for changes and calls Workspace 365 API to process these changes. The synctool is implemented either as a console application or Windows service.

In general, the AD synctool is installed on a different server than the Workspace 365 web application, though it is possible (but not recommended) keeping them on a single server. In case of different servers, it is required to be able to establish a HTTPS connection between AD synctool and Workspace servers.

To configure the whole process, three actions are required:

  1. Configure Azure AD so that the AD tool can access the information.
  2. Configure Workspace 365 so its API accepts information from the synctool.
  3. Configure synctool so it can connect to both Azure AD and Workspace 365.

Proceed to step 1

Back to top