Skip to main content
Define priority for Azure AD mapping
Updated over 9 months ago

User accounts are automatically created when Azure AD is integrated and configured. When you define multiple Azure AD mappings, the users are automatically classified while creating the user accounts based on the filter parameters. It then starts assigning the profile and storage specified in the Azure AD mapping.

However, it may be a case, where user accounts fall under multiple Azure AD mappings based on the defined criteria. In such cases, administrators can define the priority for the mappings, and users are imported based on the mapping sequence and the assigned profile and storage specified in that mapping.

When you create multiple Azure AD Mappings, inSync by default gives priority to the oldest Azure AD mapping. Azure AD mapping listed at the top has the highest priority while the one at the bottom has the lowest priority. By default, the latest Azure AD mapping defined is assigned the lowest priority. ​

Druva provides an option to change the priority of Azure AD mapping after you create it.

Example

Assume you have defined two Azure AD mappings that have the following criteria,

  • General Users Mapping

    • Import all users from the Engineering department

    • Assign them to General Profile 1

    • Per-user storage - 5 GB

  • Executive Users Mapping

    • Import Executive users that are also from the Engineering department

    • Assign them to Executive Profile

    • Per-user storage - 50 GB

General Users Mapping is created before Executive Users Mapping. Here is how inSync imports users based on the criteria defined in the Azure AD mappings,

Executive users fall under both the Mappings. As General Users Mapping is created before the Executive Users Mapping, by default, it has priority. All the users are imported to inSync, including Executive users, and assigned to the General Profile 1 and storage of 5 GB.

However, you want Executive users assigned to the Executive Profile and storage usage of 50 GB. In this case, you must change the priority of Executive Users Mapping from lowest to highest. inSync then, first classifies the Executive users and assigns them to the Executive Profile, and then other General users are assigned to the General Profile.

Update the priority of an Azure AD mapping

To change the priority of a mapping, follow these steps:

  1. Go to the inSync Management Console and click Users > User Provisioning.

  2. On the User Provisioning page, you can view the details of existing mappings. Locate the vertical three-dot menu next to New Mapping and click on it.

  3. Select Set Mapping Priority Order from the options provided.

  4. In the Edit Mapping Priority Order section, you can view the existing mappings listed according to their defined priorities.

  5. Choose the mapping whose priority you want to change.

  6. Utilize the following options appropriately to adjust the priority of the selected mapping:

    • Move Up: Click this button to increase the priority by one level.

    • Move Down: Click this button to decrease the priority by one level.

    • Move to Top: Click this button to set the priority to the highest level.

    • Move to Bottom: Click this button to set the priority to the lowest level.

  7. Click Save.

clipboard_eec4074839e2466f2decf3bf793f84399.png

The priority of the selected Azure AD mapping is updated. inSync classifies users based on the updated priority of the Azure AD mapping and assigns them the profile and storage.

Did this answer your question?