Synchronizing Users from Active Directory

As an Enterprise Admin or admin user, you can configure Kore to synchronize with your organizational LDAP Active Directory to enroll users from your company into Kore. On the Directory Sync page in the Enrollment module, you can choose to use a cloud-based or Kore agent to connect to your Active Directory (AD) server, manually start a synchronization with your company Active Directory, create exclusion rules used to prevent unwanted updates to existing users or groups, define distribution lists to import from Active Directory, define organizational units to import from Active Directory, and set up an automated schedule for synchronization.

Kore can synchronize with your LDAP Active Directory to match the domain member information from your organization to include, for example, user profile data such as name, department, title, telephone number, location, and user status in the organization.

If a Kore user leaves your company and is deactivated in Active Directory, Kore can automatically deactivate the Kore account during the next scheduled Active Directory synchronization. Your company Active Directory is never modified during synchronization.

Use the Cloud-based Connector or the Kore Directory Agent Connector?

Kore can either directly connect to your AD server and request data using standard authentication, or you can configure a Kore Directory Agent in your company Intranet to push data to Kore as needed. The latter option is more secure in that an AD port does not need to be opened to the Internet to allow Kore servers to access your Active Directory server, and any AD credentials are only saved inside your company Intranet.

Both options require authentication and are secure, however, no incoming connections to your AD server are required for the Kore Directory Agent. All configuration and security for AD sync with Kore is completed inside your Intranet and data is only pushed to Kore as you define within your Intranet.

To get started, you must choose with type of Connection Settings that you want to use. The following illustration is an example of the Directory Sync page in the Enrollment module with the Kore Directory Agent selected.

Prerequisites

To configure Active Directory synchronization using cloud-based or the Kore Directory Agent, you must:

  • Have administrative access for Read and Execute on your LDAP server.
  • Be familiar with LDAP queries and LDAP server administration.
  • Have a Microsoft Active Directory LDAP Server.

Kore offers a wizard-based approach that will take you through a step-by-step process to set up access to an Active Directory and configure the synchronization process customized for your company. You can define synchronization for domain members, and if needed, distribution lists and organizational units.

In This Section

Next Steps

Domain members may be Kore users that are not yet managed in your domain. After you synchronize, you may want to view the list of unmanaged users and unmanaged spaces to determine if they should be managed in your domain. For more information, see Working with Unmanaged Users.

Comments