AX2575

Synchronizing users with Active Directory

You can import users from Active Directory, to automatically create users within Axiom Software and assign them to the appropriate roles. Subsequent imports can be used to create new users and synchronize previously imported users.

Active Directory synchronization can only be used in conjunction with Windows Authentication. For more information, see Using Windows Authentication.

To set up Active Directory synchronization:

1. Enable Active Directory synchronization for your system.

   For on-premise systems, Active Directory synchronization can be enabled during the Axiom Application Server installation. If it was not enabled during the installation, you can configure it later using either of the following options:

   • Use the Configure Authentication Methods page of the Axiom Software Manager. For more information, see the Installation Guide.

   • Use a Save Type 4 report to modify the applicable system configuration setting (WindowsAuthUserSyncEnabled). For more information, see System configuration settings.

   For cloud systems, Axiom Support can enable Active Directory synchronization for your system.

2. Create a job in Scheduler with an Active Directory Import task, and schedule the job to run periodically as needed for your environment.

   Each import task can import users from a single Active Directory domain into the current Axiom Software system. The import task specifies the Active Directory domain and groups to import, role mappings, and notification settings. If you need to import from multiple Active Directory domains, then you must create an import task for each domain.

When the Scheduler job is run, new users are created as needed and existing users are synchronized with Active Directory.