Skip to main content
Change user provisioning from AD/LDAP to Azure AD
Updated over 9 months ago

Overview

inSync provides the option to change the user provisioning method from AD/LDAP to Azure AD and vice versa while preserving the user's backed up data.

This section provides:

  • The detailed impact of changing the user provisioning method from AD/LDAP to Azure AD

  • The checks to perform before changing the provisioning method from AD/LDAP to Azure AD

  • The procedure to change user provisioning from AD/LDAP to Azure AD

  • The next steps after changing the provisioning method from AD/LDAP to Azure AD

After successfully changing the user provisioning method from AD/LDAP to Azure AD, inSync performs backups according to the profile settings.

Impact of changing the user provisioning method from AD/LDAP to Azure AD

Changing the user provisioning method from AD/LDAP to Azure AD has the following impact:

  • The following configurations get deleted from the inSync Management Console during the change in provisioning:

    • AD/LDAP mappings are used to manage users in inSync.

    • CloudCache mappings associated with the AD/LDAP users.

  • The user accounts provisioned using AD/LDAP and added to inSync Share groups will be detached from their respective group when the provisioning method changes to Azure AD.

  • User provisioning mode for all users will be changed to Manual provisioning.

Checks to be performed before changing the provisioning method

Ensure that none of the profiles assigned to the users provisioned from AD to Azure AD have AD/LDAP Account as their authentication method. The provisioning is aborted with the below error if the authentication method in any of the profiles is set to AD/LDAP Account.

If you see the above error message while changing the provisioning method, set an authentication method other than AD/LDAP Account in the respective profile and try to provision the users again. See Update a profile.

Change user provisioning from AD/LDAP to Azure AD

  1. Go to the User page from the Endpoints/SaaS Apps console.

  2. Select the User Provisioning tab.

  3. Click the vertical three-dot menu on the summary section and select the Change User Deployment method option.

  4. Select Azure AD as the provisioning method and click Save. A confirm message appears.

clipboard_e0a975203b74c9ce0010b94657fe09b3a.png


❗ Important

All users will be moved to manual provisioning mode and will not be mapped to any Azure AD mapping automatically.


5. Select Confirm in the dialog box. A confirmation message indicates that the user provisioning method was successfully changed to Azure AD, and the Settings page redirects to the Users > User Provisioning page to create the Azure AD mapping.

clipboard_ea02ec7d20ae71455e5b2131a5708270c.png

The next steps after changing the user provisioning from AD/LDAP to Azure AD

Did this answer your question?