Skip to main content
Druva Documentation

Change user provisioning from AD/LDAP to Azure AD

Overview

Druva inSync provides the option to change the user provisioning method from AD/LDAP to Azure AD and vice versa while preserving the user's backed up data. 

This section provides:

  • The detailed impact of changing the user provisioning  method from AD/LDAP to Azure AD
  • The checks to perform before changing the provisioning method from AD/LDAP to Azure AD
  • The procedure to change user provisioning from AD/LDAP to Azure AD
  • Next steps after changing the provisioning method from AD/LDAP to Azure AD

After successfully changing the user provisioning method from AD/LDAP to Azure AD, Druva inSync performs backups according to the profile settings.

Impact of changing the user provisioning method from AD/LDAP to Azure AD

Changing the user provisioning method from AD/LDAP to Azure AD has the below impact:

  • The following configurations get deleted from the inSync Management Console during the change in provisioning:
    • AD/LDAP mappings used to manage users in Druva inSync.
    • CloudCache mappings associated with the AD/LDAP users.
  • The user accounts provisioned using AD/LDAP and added to inSync Share groups will be detached from their respective group when the provisioning method changes to Azure AD.
  • User provisioning mode for all users will be changed to Manual provisioning.

Checks to be performed before changing the provisioning method

Ensure that none of the profiles assigned to the users that are provisioned from AD to Azure AD have AD/LDAP Account as their authentication method. The provisioning is aborted with the below error if the authentication method in any of the profiles is set to AD/LDAP Account.

If you see the above error message while changing the provisioning method, set an authentication method to other than AD/LDAP Account in the respective profile and try to provision the users again. See Update a profile.  

Change user provisioning from AD/LDAP to Azure AD

  1. Login to inSync Management Console and go to GearIconNew.png > Settings.
  2. Open the Deployment tab. Under User Provisioning, the Provisioning Method is set as AD/LDAP.

    UserDeply_AD.png
  3. Click Edit to change the provisioning method. 
  4. On the Edit Settings dialog box, change the Provisioning Method to Azure AD.

    ADLDAP to Azure AD.png
  5. Click Save.  Druva inSync asks for a confirmation and indicates the impact of the change in the user provisioning method.

     All users will be moved to manual provisioning mode and will not be mapped to any Azure AD mapping automatically.


    ADLDAP to Azure confirmation.png
  6. Click Confirm.  A confirmation message is displayed indicating the user provisioning method successfully changed to Azure AD.

Next steps after changing the user provisioning from AD/LDAP to Azure AD

  • Was this article helpful?