Set up Active Directory sync

Synchronize your Active Directory Users and Groups to enable content filter policy assignment to AD-managed people groups (rather than network devices via IP address).

1. Configure your AD server for synchronization

  • Create a User that has access to the user and groups database (for security reasons, this should not be a domain admin)
  • Ensure your AD server allows plaintext access on port 389 or LDAPS on 636
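
One way to carry out and check step 1 from a domain-joined admin workstation with the RSAT ActiveDirectory module, as an added example that is not part of the original guide. The account name, OU path and domain controller hostname are placeholders, and the script assumes default directory ACLs, under which an ordinary domain user can already read user and group objects.

```powershell
# Added example: all names below are placeholders, not values from the guide.
Import-Module ActiveDirectory

$SamAccountName   = 'svc-drawbridge-sync'                        # hypothetical account name
$OuPath           = 'OU=Service Accounts,DC=example,DC=internal' # placeholder OU
$DomainController = 'dc01.example.internal'                      # placeholder DC hostname

# 1. Create the sync account as an ordinary domain user (no admin group membership).
$password = Read-Host -AsSecureString -Prompt "Password for $SamAccountName"
New-ADUser -Name $SamAccountName -SamAccountName $SamAccountName -Path $OuPath `
    -AccountPassword $password -Enabled $true `
    -Description 'Bind account for DrawBridge AD sync'

# 2. Confirm the account is not in a privileged group, directly or through nesting.
#    The matching rule 1.2.840.113556.1.4.1941 makes AD walk the membership chain.
#    (A DN containing LDAP filter special characters would need escaping first.)
$privileged = 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators',
              'Account Operators', 'Backup Operators', 'Server Operators'
$dn     = (Get-ADUser -Identity $SamAccountName).DistinguishedName
$groups = Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)" |
          Select-Object -ExpandProperty Name
$hits   = @($groups | Where-Object { $privileged -contains $_ })

if ($hits.Count -gt 0) {
    Write-Warning "$SamAccountName is a member of: $($hits -join ', ')"
} else {
    Write-Output "$SamAccountName holds no privileged group membership."
}

# 3. Check which LDAP listeners answer. This only proves the port is open from
#    this workstation; the DrawBridge needs the same reachability from its network.
foreach ($port in 389, 636) {
    $result = Test-NetConnection -ComputerName $DomainController -Port $port `
                  -WarningAction SilentlyContinue
    '{0}:{1} reachable = {2}' -f $DomainController, $port, $result.TcpTestSucceeded
}
```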

2. Configure the DrawBridge for AD Sync

Note: this setup guide is not using an encrypted connection; this is not ideal and recommendations may change.

  • Navigate to Accounts / Authentication Integration (under Apps in menu tree) / Active Directory

  • Fill out the form to create an Active Directory Server record. (Screenshots: Server, Connection, Filters and Save sections of the form.)

  • Test the connection with Verify Connection Settings in the hamburger menu.

    A notification will indicate whether the connection test was successful or not.

  • Trigger an AD Sync run with Sync Directory Servers in the hamburger menu.

    A notification will indicate the sync run was initiated. This typically completes within a minute; however, your environment may be different. This routine does not provide any further status notifications.

    You can verify the sync is complete by visiting Accounts / People and Accounts / Groups / Directory Groups and confirming that all the Users and Groups from your AD server are now present.

4. Next Steps

This how-to guide is the prerequisite for setting up filter policies for Directory User Groups. For further instructions, see the articles:

  • Configure Proxy User Groups
  • Assign an Access Policy to a Proxy User Group