Synchronizing Domain (AD) Users and Groups

FileHold can synchronize Windows Active Directory domain users and groups with the FileHold registered users. The benefits of synchronization of user and group objects with Active Directory include: centralized control of system users, single sign on authentication support, the ability to quickly rollout new users to FileHold from Active Directory or disable user access to FileHold for users that are disabled in a domain. This feature is available for all customers that purchase the Microsoft Active Directory Synchronization option. FileHold can synchronize users from multiple domains and a single OU in each domain. A single domain can be chosen as the default for manual web client logins.

Active Directory synchronized users are called FileHold Domain Users within the FileHold system. Groups synchronized with Active Directory are called FileHold Domain Groups. The users and groups behave the same way as locally managed users when interacting with FileHold. User properties for domain users such as contact information and passwords are managed externally to FileHold using normal Microsoft Active Directory tools.

When adding domain groups, the group names can be viewed in the Users List; however, they are not using up a registered user license account. Domain groups are simply placeholders that allow you to assign them to FileHold groups.

Domain groups can be assigned to FileHold Groups that can in turn be given access (membership) to specific content located throughout the Library. Synchronization of a domain group will allow a new user added to the domain group at the Active Directory level to be automatically provisioned to all areas of FileHold based on the pre-defined permissions of their FileHold groups.

TIP: If you did not purchase the Active Directory option you will only be able to create locally managed users. You will not be able to synchronize FileHold with Active Directory. To purchase the Microsoft Active Directory Synchronization option, contact sales@filehold.com. This option is sold with professional services to ensure a successful synchronization.

Adding a Domain User / Group to FileHold

Complete the following steps to add a domain-managed (Active Directory) user account to FileHold.

IMPORTANT: You will only be able to compete the following steps if you have purchased the Active Directory synchronization option, the option has been installed, and at least one domain has been synchronized.

To add a domain user or group to FileHold

  1. In the Web Client, go to Administration > System Management > User Management > Users and click Add User(s).

  • Alternatively, in FDA, log in with System Administrator rights and go to Administration > User Management > Users.
  1.  For FileHold 16.0 and higher versions, click Add Add button - Users list.
  • For FileHold 15.2.1 and lower versions, click Add User(s).
  1. Select Add a user(s) or group(s) from a domain/directory server and select the domain name from the list.

  2. Click Next.

  3. Select the check boxes for the users or groups you want to add and click Add.

  4. To search for a domain user or group in the list, enter the name in the search field and click Search.

Domain User Synchronization

  1. In the Add Domain Group Options, select one of the following and click OK:

  • Add the group and the group members. Keep both synchronized with the domain.

  • Add just the group members and do not add the group. Only the user accounts will still be synchronized with the domain.

  1. At the Add User(s) and Group(s) Confirmation, click OK.

  2. Continue to add more users and groups to FileHold.

  3. To return to the user list, click Back to the User List.

  4. To set viewer, guaranteed access, scanning inbox (Web Cap) licenses, and multi-factor authentication exclusions, select Properties next to the user name and go to Account Settings. See Creating Locally Managed Users for more information.