Sync Active Directory role mapping

Manually or automatically synchronize (sync) role mappings between the Active Directory and Control Room.

Automatically synchronize Active Directory role mapping

By default, synchronizing between Active Directory and Control Room occurs by default at the time interval of 1440 minutes (one day). The time interval for synchronization can be changed in the Active Directory role mappings main page.

Note: As this can be a time-consuming and an expensive operation, set the role synchronization time period to the default value of 1440 minutes (1 day).

Manually run or restart synchronizing Active Directory role mapping

To run or restart automatic synchronizing between the Active Directory and Control Room, do this: From the Control Room go to the Active Directory role mappings page and click the Sync roles from Active Directory option.

This starts the synchronizing process immediately and continues to run it automatically based on the time interval set.

Cancel automatic synchronizing Active Directory role mapping

To cancel automatic synchronizing between Active Directory and Control Room, do this: From the Control Room go to the Active Directory role mappings page and click the Cancel Sync option to turn off the periodic automatic sync.

Events that require Active Directory role mapping sync

Sync the role mappings whenever these events occur:

  • Changes to AD groups

    If any group that is mapped is deleted from the AD, the mappings must be validated before they are deleted because the group is no longer available.

  • Update to the license file

    Updating the license file can change the available roles. Mappings must be synchronized before updating the roles.

    Note: After a sync, the user must wait a few seconds for the updated changes to appear.