Overview
inSync provides the option to change the user provisioning method from AD/LDAP to Azure AD and vice versa while preserving the user's backed up data.
This section provides:
The detailed impact of changing the user provisioning method from AD/LDAP to Azure AD
The checks to perform before changing the provisioning method from AD/LDAP to Azure AD
The procedure to change user provisioning from AD/LDAP to Azure AD
The next steps after changing the provisioning method from AD/LDAP to Azure AD
After successfully changing the user provisioning method from AD/LDAP to Azure AD, inSync performs backups according to the profile settings.
Impact of changing the user provisioning method from AD/LDAP to Azure AD
Changing the user provisioning method from AD/LDAP to Azure AD has the following impact:
The following configurations get deleted from the inSync Management Console during the change in provisioning:
AD/LDAP mappings are used to manage users in inSync.
CloudCache mappings associated with the AD/LDAP users.
The user accounts provisioned using AD/LDAP and added to inSync Share groups will be detached from their respective group when the provisioning method changes to Azure AD.
User provisioning mode for all users will be changed to Manual provisioning.
Checks to be performed before changing the provisioning method
Ensure that none of the profiles assigned to the users provisioned from AD to Azure AD have AD/LDAP Account as their authentication method. The provisioning is aborted with the below error if the authentication method in any of the profiles is set to AD/LDAP Account.
If you see the above error message while changing the provisioning method, set an authentication method other than AD/LDAP Account in the respective profile and try to provision the users again. See Update a profile.
Change user provisioning from AD/LDAP to Azure AD
Go to the User page from the Endpoints/SaaS Apps console.
Select the User Provisioning tab.
Click the vertical three-dot menu on the summary section and select the Change User Deployment method option.
Select Azure AD as the provisioning method and click Save. A confirm message appears.
❗ Important
All users will be moved to manual provisioning mode and will not be mapped to any Azure AD mapping automatically.
5. Select Confirm in the dialog box. A confirmation message indicates that the user provisioning method was successfully changed to Azure AD, and the Settings page redirects to the Users > User Provisioning page to create the Azure AD mapping.
The next steps after changing the user provisioning from AD/LDAP to Azure AD
Create new Azure AD mappings to define the filter parameters. See Create Azure AD mapping.
Define priority of Azure AD mapping (optional).