Skip to main content

 

Druva Documentation

Integrate inSync user management with AD/LDAP

inSync Private Cloud Editions: File:/tick.png Elite File:/tick.png Enterprise

Overview

This section provides information about how you can integrate your Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) details with your inSync setup. It also provides information about how you can import users from your configured AD or LDAP accounts.

About AD/LDAP integration for user management

If your organization is using Active Directory (AD) / Lightweight Directory Access Protocol (LDAP) to store user details, you can integrate your AD or LDAP with inSync to create inSync users. All you need to do is to import user details from your AD/LDAP instead of creating users individually.

To import users using AD/LDAP integration, you:

  • Determine the user login mechanism to inSync client. You can choose between AD/LDAP Account password, inSync password, or single sign-on password. 
    • inSync password is the password assigned by inSync.
    • AD/LDAP password is the AD/LDAP email address of the user and AD/LDAP password.
    • Single Sign-on allows inSync users to access inSync without the need for a separate login.
      You can control these authentication mechanisms through the profile settings. 
  • Register your AD/LDAP and provide the AD/LDAP details. inSync Master requires these details so that it can connect to your AD/LDAP. inSync requires read-only access to your registered AD/LDAP.
  • Create an AD/LDAP mapping and define filter parameters to extract user details from your AD/LDAP.
  • Choose whether you want to automatically import users from your AD/LDAP. inSync automatically imports users from your AD/LDAP at regular intervals.
  • Choose whether you want to automatically synchronize inSync users with your AD/LDAP. inSync queries your AD/LDAP for user details and
    • Preserves any inSync user which was deleted or disabled from your AD/LDAP.
    • Activates any inSync user who was earlier preserved, but now, is marked Active in AD/LDAP or falls under any AD/LDAP Mapping defined in inSync.
  • Choose whether you want to automatically update user details such as inSync user name, inSync user email address, and inSync user AD/LDAP user name at a defined interval.
  • Define the ideal time interval, in hours, when inSync should automatically query your AD/LDAP for importing and synchronizing users, and updating user information in inSync.
  • Was this article helpful?