Initial Setup How to Perform Directory Synchronization in AuthAnvil
AuthAnvil supports the synchronization of users from Active Directory (AD) through the proper configuring the Active Directory Sync feature in AuthAnvil.
Note: Use of this agent will require that the Windows operating system version has Internet Explorer 11 installed and fully updated.
Note: Users will only be added if the following four pieces of information are present:
- First Name
- Last Name
- Email Address
- User Logon Name
Note: If any of the above noted data is missing from a user, the sync will stop and no further users will be added until the missing data is updated in Active Directory.
First: Configure Directory Sync in AuthAnvil
Log in to your AuthAnvil tenant site.
- Select Directory Manager.
- Select Directory Sync.
- Select the circle with the plus sign in the bottom right corner.
- Select Let's Get Started.
- Select Download Agent Installer.
Note: You should download and install this agent software on a domain joined machine that has the Microsoft .NET Framework 4.6+ installed. You can download .NET v4.6 here.
While you can install it directly on the domain controller, we recommend you install it on a member server instead (if possible). This will allow directory sync to run with less privilege, which is a safer default. Please remember to authorize the agent with the same user account you are currently using.
Next: Configure the Directory Sync agent on a Domain joined machine.Note: If you have any installation issues try running the MSI from an elevated command prompt (Run as Administrator) this should prevent interference from UAC (User Account Controls).
- Download directory on the server, or copy the DirectorySyncAgent.exe file directly to the machine.
- Select Next.
- Select Install.
- Select Finish.
- Enter your AuthAnvil Domain.
- Log into your AuthAnvil On-Demand account.
- Select authentication method.
- Once authenticated select Allow.
- Select OK.
From here you will return to your AuthAnvil tenant web interface.
The newly installed agent will check in and be displayed in the Directory Sync section.
Select the agent by clicking on it.
By selecting Edit you can set the following.
- Sync Frequency (Hours)
- Account Status on Sync
- Send Activation emails
- Require MFA
Selecting Organizational Units will allow you to define what items from Active Directory should be synchronized.
Note: If you choose to use the Full On-boarding Policy all the users added will receive an enrollment email.