Import and sync users from Active Directory
Hideez admin cases – Import and sync users from AD
We assume that either a manual way of managing employees will be used (manual addition to HES and subsequent management up to deletion) or integration with AD when the list of employees will be synchronized with a specific group in AD.
There also possible multi-domain scenario, Azure AD and Active Directory on premises, for instance.
If you use Active Directory and want to manage employees using its interface and its tools, then you need to:
Create a group in AD with the name Security Key Owners and place all employees to whom you will give Hideez keys.
Click the button Sync with AD.
Confirm the action by clicking Sync Now.
Make sure that all employees from the Security Key Owners group are now on the list of HES employees. Employees imported from AD have a corresponding icon next to their name. You cannot edit such employees manually - there is no Edit button when you click on an employee.
Suppose you already had a manually added employee with the same name as the one imported from AD. In that case, the manually added employee data will be replaced with the data from AD.
We strongly recommend using EITHER the manual addition and management of employees OR the scenarios for working with AD.
The list of employees will be synchronized every hour.
When you add a new user to the Security Key Owners group, they will appear in the list of HES employees. After the employee appears, you will need to assign them a key and add the necessary accounts.
When you remove a user from the Security Key Owners group, they will remain in the list of HES employees, but the key will be deleted from them, i.e., the key will be transferred to the Deactivated status. You only need to receive this key from the employee, clear it (try to connect it to the Hideez Client), and the key will be transferred to the Ready status and ready for further use.
In a multi-domain scenario users from different domains mapped by the user's email address in the domain.
Thus, after synchronization, users from different domains will be combined into one user on server in case they have the same email address.