Active directory sync

Here you can set up syncing from Active Directory to Flow Users.

Click Add Group to add a new mapping, mapping is done from Active Directory group to Flow Role. When all groups have been added click Sync to begin syncing from Active Directory Users to Flow Users.

Everytime Sync is clicked all previous synced users are removed from Flow and new users are created to match current Active Directory status.

See and

Enter the relevant information for which AD that is to be used in the configuration and set the timing as to when the syncronization is to run. For Azure ID the id can be with our without domin. For customers with multiple domains, the inclue domain box should be ticked to avoid problems with users with the same name on differnt domains.

Sync Options

Depending on if you are using LDAP or Azure, you can choose between different sync options for each AD group:

Extended Match (Slow): Uses the LDAP_MATCHING_RULE_IN_CHAIN matching rule for LDAP (note: this is known to be very slow for large directories). For Azure, a recursive member search is performed.
Recursive Member Search: Searches LDAP groups and sub-groups for members in a top-down manner.
Only Direct Members: Searches the group for users and will not search sub-groups.

Checking the Exclude Disabled checkbox will skip users that are disabled in the Active Directory (disabled users will not be added in Flow).

PreviousSystem events NextLicense

Last updated 2 years ago

Was this helpful?