Creating an Active Directory (AD) Sync Job
- 16 Dec 2021
- 1 Minute to read
- Print
- DarkLight
This documentation version is deprecated, please click here for the latest version.
Creating an Active Directory (AD) Sync Job
- Updated on 16 Dec 2021
- 1 Minute to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Overview
The following document demonstrates how Active Directory (AD) systems can be synchronized with this system to automatically create local Accounts through scheduled Sync Jobs.
Warning
This will require appropriate technical resources on the clients' side to be able to implement. It is recommended to make sure to have someone from the organization with experience available to streamline the process.
The support team is available to help, but may not be able to answer questions or solve company-specific problems.
The support team is available to help, but may not be able to answer questions or solve company-specific problems.
Prerequisite
The following example requires that an AD Server authentication has been properly configured within the Portal.
For more information see: Setting up Active Directory (AD) Server Authentication.
Additionally, the Server must have the Can Be Job Server System Setting enabled. To enable this, navigate to System > Administration > Servers. Right-click the desired Server and click Edit Server. Then, check Can Be Job Server and click SAVE.
For more information on enabling Job Servers, see: Enabling and Disabling Job.
.png)
For more information see: Setting up Active Directory (AD) Server Authentication.
Additionally, the Server must have the Can Be Job Server System Setting enabled. To enable this, navigate to System > Administration > Servers. Right-click the desired Server and click Edit Server. Then, check Can Be Job Server and click SAVE.
For more information on enabling Job Servers, see: Enabling and Disabling Job.
.png)
Warning on SSO
Users cannot setup Active Directory Sync simultaneously with Single Sign On (via SAML and OpenID Modules). Doing so will result in an error that requires users to reset their sign on setup.
If an account has to be deactivated in Decisions, be sure it is also deactivated in Active Directory to avoid any potential issues when syncing.
Example
Warning on Import/Export
AD Sync Jobs should never be imported/exported to another environment. They must be created individually on each desired environment.
- Navigate to System > Jobs and Events > Scheduled Jobs and clicking the New AD Sync Job button.
- In the New AD Sync Job dialog, select the Sync All Domains. To ensure that this sync job is re-queued in the event of a failure, select the Requeue if Job Fails checkbox. Under Schedule Configuration, in the Calendar drop-down select Time Span Schedule.
- Select Immediately in the RunWhen drop-down list, then use the TimeSpan controls to define an interval of 18 hours, 35 minutes and 1 second. This means that every 14 hours, 1 minute and 46 seconds, the system will immediately try to synchronize with the AD Server. Click the OK button.
- The new sync job will appear in the Scheduled Jobs Folder. From here users can run it manually or manage it.
Was this article helpful?
