Last updated
Was this helpful?
Last updated
Was this helpful?
Click the button Settings→Parameters→Add Domain Settings
Domain Name: enter your Active Directory domain. This is necessary to import users from previously created groups in AD.
User Logon Name: AD administrator's login with permissions to get users and groups from the AD and change user passwords.
Skip credentials (sync will be disabled)
Password: AD administrator's password with permissions to get users and groups from the AD and change users' passwords.
Auto Password Change (days): number of days after which it is necessary to change the password from the domain account to users from the Security Key Auto Password Change group.
Users Sync Group Name: Users in the Active Directory sync group are automatically imported to HES during synchronization. If removed from the group, they remain in the HES employee list. Synchronization occurs every hour.
Hideez Key Auto Password Change: If a user is in both the sync group and the auto password change group, their domain account is imported during synchronization, and a new password is generated. This password is written to the Hideez Key and simultaneously updated in Active Directory. From then on, the user must log in using their Security Key. Scheduled password changes will follow the same process. If the user is removed from the auto password change group, automatic password updates stop.
Keep – The user will remain on the Hideez server after being removed from the synchronization group in Active Directory. They will still be able to use SSO login for web services and unlock their PC.
Deactivate – The user will be deactivated on the Hideez server but not deleted after being removed from the synchronization group in Active Directory. In this state, they will not be able to use SSO login for web services but will still be able to unlock their PC. To reactivate the user, the administrator must manually activate them in the system.
Delete – The user will be completely removed from the Hideez server after being removed from the synchronization group in Active Directory. They will lose access to SSO login for web services and the ability to unlock their PC. To add the user back, the administrator must:
Add them to the synchronization group in Active Directory and perform synchronization.
Manually add the user.
Wait for automatic synchronization (once per hour, the Hideez server automatically synchronizes with Active Directory, imports users from the synchronization group, and updates their data).
If you do not need to import employees, but only need to configure workstations joined to the Active Directory On-Premises domain, you can enable the following setting: Disable Domain Synchronization.
Hideez Enterprise Server – Setting HES Server parameters