Ask the Community
Groups
Enabling Directory Synchronization - Connect IT Community | Kaseya
<main> <article class="userContent"> <h3 data-id="question"><strong>QUESTION</strong></h3> <h4 data-id="how-do-i-enable-passly-directory-synchronization">How do I enable Passly Directory Synchronization?</h4> <h3 data-id="answer"><strong>ANSWER</strong></h3> <h3 data-id="supported-operating-systems">Supported Operating Systems</h3> <ul><li>Server 2012 </li> <li>Server 2012r2</li> <li>Server 2016</li> <li>Server 2019</li> </ul><p><strong>Note: </strong>The use of this agent will require that the Windows operating system version has Internet Explorer 11 installed and fully updated.</p> <h3 data-id="prerequisites-to-sync-a-user-from-ad-to-passly">Prerequisites to sync a user from AD to Passly</h3> <p><strong>Note</strong>: Users will only be added if the following four pieces of information are present.<br>First Name<br>Last Name<br>Email Address<br>User Logon name:<br></p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/KE1UO96Q3OHF/ad1-png.png" alt="ad1.PNG" class="embedImage-img importedEmbed-img"></img><img src="https://us.v-cdn.net/6032361/uploads/migrated/B07V4PYEBX62/ad2-png.png" alt="ad2.PNG" class="embedImage-img importedEmbed-img"></img><br><br><strong>Note</strong>: If any of the above-noted data is missing from a user then the sync will stop and no further users will be added until the missing data is updated in Active Directory.</p> <p><strong><br></strong><strong>Configuring Directory Sync in AuthAnvil On-Demand</strong></p> <p>Log in to your AuthAnvil On-Demand tenant site.</p> <ul><li>Select <strong>Directory Manager</strong>.</li> <li>Select <strong>Directory Sync</strong>.</li> <li>Select the circle with the plus sign in the bottom right corner.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/EJPW01YZS8WV/11-png.png" alt="11.PNG" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Let's Get Started</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/65ZKYEFARBOF/12.png" alt="12.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Download Agent Installer</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/IBHZ220C6F26/13.png" alt="13.png" class="embedImage-img importedEmbed-img"></img></li> </ul><p> <img src="https://us.v-cdn.net/6032361/uploads/migrated/6WNM7JK8JTF9/14.png" alt="14.png" class="embedImage-img importedEmbed-img"></img></p> <p><strong>Note</strong>: You should download and install this agent software on a domain joined machine that has the Microsoft .NET Framework 4.6+ installed. You can download .NET v4.6 <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3Fid%3D48130"><strong>here</strong></a>.</p> <p>While you can install it directly on the domain controller, we recommend you install it on a member server instead, if at all possible. This will allow directory sync to run with less privilege, which is a safer default. Please remember to authorize the agent with the same user account you are currently using.</p> <p><br><strong>Configuring the Directory Sync agent on a Domain joined machine.</strong></p> <p>Download directory on the server, or copy the DirectorySyncAgent.exe file directly to the machine.</p> <p><strong>Note</strong>: If you have any installation issues try running the MSI from an elevated command prompt (Run as Administrator) this should prevent interference from UAC (User Account Controls).</p> <ul><li>Select <strong>Next<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/TT39GONW1CGZ/15.png" alt="15.png" class="embedImage-img importedEmbed-img"></img><br></strong> </li> <li>Agree to the Terms of Use.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/LUOCAR45BHHW/16.png" alt="16.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Install</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/277ICSFJ6YHT/17.png" alt="17.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Finish</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/0453C97N4XJ7/18.png" alt="18.png" class="embedImage-img importedEmbed-img"></img></li> <li>Enter your AuthAnvil Domain.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/TGZWR52RJAO5/19.png" alt="19.png" class="embedImage-img importedEmbed-img"></img></li> <li>Log into your AuthAnvil On-Demand account.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/PGRA87MFCSA5/20.png" alt="20.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select authentication method.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/58S8G0OT78S2/21-png.png" alt="21.PNG" class="embedImage-img importedEmbed-img"></img></li> <li>Once authenticated select <strong>Allow</strong>.</li> <li>Chose the Service account. Click Continue<img src="https://us.v-cdn.net/6032361/uploads/migrated/Q0B8QZO42JV6/22.png" alt="22.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>OK</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/JADILI6P19NE/23.png" alt="23.png" class="embedImage-img importedEmbed-img"></img></li> </ul><p> </p> <p>From here you will return to the tenant web interface.</p> <p>The newly installed agent will check-in and be displayed in the Directory Sync section. Click Next.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/TIWKRAH392VW/25.png" alt="25.png" class="embedImage-img importedEmbed-img"></img></p> <p>Selecting Organizational Units will allow you to define what items from Active Directory should be synchronized. Click Next.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/VGQFB2K6KLA7/26.png" alt="26.png" class="embedImage-img importedEmbed-img"></img></p> <p>Select the Organization, Agent Friendly Name and Activation Policy. Click Next.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/RPMYPJBII54X/27.png" alt="27.png" class="embedImage-img importedEmbed-img"></img></p> <p>Exit.</p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/KYCPAPN57CB9/28.png" alt="28.png" class="embedImage-img importedEmbed-img"></img></p> <p> </p> <p>Select the agent by clicking on it.</p> <p>By selecting <strong>Edit</strong> you can set the following.</p> <ul><li>Name</li> <li>Status</li> <li>Provisioning Policy</li> <li>Password Policy (Synchronize password changes from Passly to Active Directory)</li> </ul><p><strong>Note</strong>: If you choose to use the Full Onboarding Policy all the users added will receive an enrollment email.</p> <p> </p> <p> </p> <p> </p> </article> </main>