...

Active Directory Sync Adapter is a service that is required for Ethical Wall, DLP, Webex retention policies and Teams Governance (MS / Webex). It connects over LDAP to Azure AD or on-prem AD, takes the relevant users and groups, and inserts them into the DB.
The Ethical Wall, DLP, Webex retention policies and Teams Governance (MS / Webex) query the DB rather than LDAP. This saves time and resources for the EW policy engine, DLP, the Retention policies engine and Governance. At this point Active Directory Sync Adapter caches only users and groups that are configured in the Ethical Wall Policies, DLP rules, Webex retention policies and Teams Governance (MS / Webex). It supports Azure and local AD.

The Adapter has 5 main roles, independent of each other:

  1. Update group membership for EW, DLP, Teams Governance (MS / Webex), and Webex retention policies

  2. Update users for SharePoint webhooks

  3. Fill missing information in the Users table based on the email address

  4. Sync information (UPN & email address) of users in the Users table

  5. Update nested groups

Note: AD Sync Adapter can be monitored by AGAT Sphere Shield Service Agent.

...

AD sync fills in Entityid and EntityType

...

3. Fill missing Users information based on the email address:

Active Directory Sync can fill in missing user information based on the email address. It takes the email address from the Users table, gets the user information from Azure, then inserts the missing information into the Users table.

Set “FillUsersMissingValues” in the Application settings file to “true” to update the users' information.

4. Sync information (UPN & email address) of users in the Users table

From AD-Sync 1.2.8, there is support for syncing users’ information, such as UPN and email address, from Active Directory to the USERS table in the database.

This feature is important when a customer changes a user’s UPN or email address in Active Directory. This feature works only in Azure Active Directory for now. It doesn’t work in a local Active Directory.

To enable this feature, please set the value of the “EableSyncUsersInfoTable” setting to true.
To set how often AD-Sync will sync the users’ information, please use the “IntervalSyncUsersInfoTable” setting.

5. Update nested groups:

From AD-Sync 1.2.8-rc2, there is support for syncing nested groups from LDAP into the MANAGED_NESTED_GROUPS table.

...