Active Directory user discovery

Advanced Server Access user discovery can automate the process of finding users and their corresponding security identifier (SID). SIDs are required to comply with Microsoft's certificate-based authentication requirements. User sync jobs use an existing Active Directory (AD) connection to perform the following tasks:

• Control where to search for users
• Use LDAP queries to filter users
• Include user SID in the certificate
• Automatically run user sync jobs on a set schedule

Limitations

• Maximum of 10,000 discovered users per AD job

• Maximum of 10 active user sync jobs per AD connection

User removal

User sync jobs perform a full reconciliation with AD every time they run. If a previously discovered user isn't detected for 48 hours, it's removed from Advanced Server Access.

Job history

Teams can review the results of previous job runs on the Run History tab. This includes date and time data, status information, and details on which users were added or removed.

Related topics

• Create a user sync job
• User sync discovery rules
• Test a user sync job
• Activate a user sync job
• Manage a user sync job