Active Directory / LDAP Synchronization

Active Directory Synchronization uses automatic group creation (with corresponding clients) based on the structure defined by Active Directory. It allows the administrator to sort clients to groups, as long as the client name matches the object type computer in the Active Directory (AD) and belongs to groups in the AD.

There are two main options that determine the manner of synchronization:

Synchronize groups allows you to choose which AD groups will be synchronized. Select All groups to synchronize the complete AD tree structure whether or not the AD groups contain ERA clients. The next two options (Only groups containing ERA Server clients and Only groups containing ERA primary server clients) will synchronize only groups containing existing ERA clients.

The Synchronization type defines whether the AD groups to be synchronized will be added to the existing AD/LDAP groups (AD/LDAP groups import), or if the existing AD/LDAP groups will be completely replaced by those to be synchronized (AD/LDAP groups synchronize).

Synchronized branches allows you to select particular branches of the Active Directory/LDAP to be synchronized. Click Configure to select what branches of Active Directory/LDAP will be synchronized with groups. By default, all branches are marked/selected.

Note: Click More information! to display additional information about the Active Directory / LDAP synchronization settings and rules.

To configure the synchronization interval between the AD/LDAP and the ERA Server, click Change... next to the Synchronize option. Select the desired frequency of the synchronization in the AD/LDAP Synchronization Scheduled Interval (in server local time) dialog window. The selected frequency will be displayed next to the Synchronize option.

Detailed configuration of Active Directory synchronization can be performed using the Configuration Editor (Remote Administrator > ERA Server > Settings > Groups and Active directory / LDAP ). You can add other Active Directory/LDAP objects by selecting the check box(es) next to the desired option(s).

Clicking Synchronize Now triggers the synchronization (based on the options configured above).

NOTE: For ERAS to synchronize with Active Directory, ERAS does not need to be installed on your domain controller. The domain controller only needs to be accessible from the computer where your ERAS is located. To configure authentication to your domain controller, go to Tools > Server Options > Advanced > Edit Advanced Settings > Remote Administrator > ERA Server > Settings > Active directory / LDAP.