Using the Workplace Active Directory Sync (AD Sync) Component
This article is only applicable to users of Workplace Essential and Workplace Advanced.
If your Active Directory is synchronized to a cloud identity provider that partners with Workplace, we recommend integrating Workplace with your cloud provider directly.
The Workplace AD Sync component lets you sync selected groups and organization units from Active Directory to Workplace, eliminating the need for manual user administration when people join and leave your organization. AD Sync is designed to automatically:
- Provision (create) user accounts as new people should be given access to Workplace.
- Update user profile attributes over time as they change (ex. different phone number).
- De-provision (deactivate) user accounts as people leave your organisation, or should no longer have access.
AD Sync runs as a Windows Service within your IT infrastructure. After you configure it to query AD for the set of users you'd like to give access to Workplace, AD Sync will run on a schedule every 3 hours to reconcile accounts between AD and Workplace.