Active Directory User
Synchronization FAQ
What is a Domain User or Domain Group?
Domain users or domain groups are users or groups that are synchronized
with Active Directory. This is as opposed to locally managed users which
are users added directly to FileHold. Use this link to learn more about
locally managed users.
Exactly what is synchronized with Active Directory?
With the Active Directory Toolkit, FileHold software can synchronize domain
users and groups that reside in Active Directory with the FileHold user
store. This is of benefit to larger companies who want to manage users
and groups through a central directory server so that any changes that
take place are immediately reflected in the FileHold Application.
Do I have to synchronize users / groups with Active
Directory?
No. FileHold supports adding users directly to the FileHold user store
without the need for Active Directory. Users added directly to FileHold
are called locally managed users.
Is the Active Directory Synchronization Toolkit an additional
charge?
Yes. The Active Directory Integration Toolkit can be purchased from FileHold
for the direct integration of the FileHold with Microsoft Active Directory.
This toolkit includes additional support resources to ensure a successful
synchronization system. It is important to keep in mind that some Active
Directory deployments can be complex as they employ custom schemas and
objects that may not be industry standard and can require additional effort
to synchronize with.
How are users / groups synchronized with Active
Directory in FileHold different from users added directly to FileHold?
Users synchronized with Active Directory are called FileHold Domain Users.
Groups synchronized with Active Directory are called FileHold Domain Groups.
The users and groups behave the same way as locally managed users when
interacting with the FileHold library. The only difference is that the
properties (contact information, passwords etc) associated with domain
user/group objects are managed externally in Active Directory.
What are the benefits of Synchronizing user / group objects with
Active Directory
There are many benefits to synchronization of user / group objects with
Active Directory including centralized control of system users, Single-Sign
On FileHold library authentication support and the ability to quickly
rollout new users to FileHold application from Active Directory.
Why would I want to Synchronize a domain group?
Domain groups can be assigned to FileHold Groups that can in turn be given
access (membership) to specific content located throughout the FileHold
library. Synchronization of a domain group will allow a new user added
to the domain group at the Active Directory level to be automatically
provisioned to all areas of the FileHold library based on the pre-defined
permissions of FileHold groups in the system.
How Do I add a Domain User / Group to the FileHold ?
Complete the following steps to add a Domain / User managed user account.
Note, before you complete these steps FileHold has to be successfully
synchronizing with Active Directory. Contact FileHold support to start
the process of domain synchronization if you haven't already.
- Click on the System Admin link in the top right hand
corner of the web client application to access the system administration
section.
- Select the User and Group Management > Users
option from the menu on the left. The master list of system users will
appear.
- Click the Add User(s) button from the top right hand
corner of the master user list. The form that appears will prompt you
to select the type of user you want to add. Select the Add a
user(s) or group(s) from a domain / directory server option.
And select a domain from the drop down list.
- The select user group form appears allowing you to approve which
synchronized Active Directory users would you like to become active
FileHold users. Select the users and click OK. These users will be added.
|
