With just a few simple steps, you can effortlessly import user profiles and organizational structures directly from your AD server. This integration ensures that your CurrentWare Server remains in sync with your existing user database, reducing administrative overhead and eliminating the need for manual user creation.

You can find this option on the CurrentWare Console under Tools > Import Users.

1. Active Directory Organizational Units
2. Active Directory Security Groups
3. Text file

Related Article: Import Users from Active Directory

Step 1 – Authenticating with your Active Directory

Note: If you are making changes but have already setup an existing grouping structure, it is recommended to make a backup as there is no AD Sync revert option.

1. On the CurrentWare Web Console, go to Tools > Import Users
   
2. Select the AD OU Synchronization action
3. Fill in your domain, admin username and password to connect to your Active Directory.
   
   • It may take up to a couple of minutes to connect to your Active Directory.
4. Once connected, your users and organizational units will appear on the right side for you to choose what you want to import into your console.
5. Once synced any changes to these groups will automatically update in the web console every night.
   

CurrentWare will sync any OUs and users updates to the CurrentWare Console once every 24 hours. The AD will sync automatically every night at 12am server time by default. If you need to sync with AD immediately, you can go to Tools > Import Users > Click on the “Sync now” button.

Step 2 – Syncing with your Active Directory

When AD sync is enabled, you will have the ability to modify your group policies but you will not be able to move, rename, or delete the AD groups or users on the CurrentWare Console. To achieve data integrity during the AD sync process, CurrentWare must retain the same AD structure. You will have to manage your OUs and users directly on your Active Directory on your Windows Configuration Manager Console.

When you disable AD sync, you will retain control of your groups and users again. The policies set during AD sync and the data collected will also be retained.

What happens when I delete an OU from AD? The deleted OU group and the users within that group will be moved to the “Non-AD” folder. The data and policies will be retained.

What happens if I have duplicate group names? The duplicated groups with be assigned a group ID number. You may see something similar to users and users[1]. This is a normal behaviour within the CurrentWare Console to display duplicates.

Step 3 – Managing “Non-AD” users

With AD sync enabled, you will still have the ability to manage your other Windows workgroup users by using the [Non-AD] group that’s created automatically after you activate AD sync.

Sync Now option

The CurrentWare Console syncs with your Active Directory every 24 hours. If you want to refresh your AD structure on the CurrentWare Console faster, you click on the “Sync Now” button to manually push out the update. This only appears once you have an sync active.

Limitations with CurrentWare’s Active Directory Sync

• No Special Characters: CurrentWare cannot sync OU group names containing the following special characters `~!@%^&*©®|;:'<>/?,”
  
  • What happens if I rename a group with special characters after I enable AD sync? When a group is renamed with special characters after enabling the sync, that OU will be removed and will not be synced again. Its users will be moved to the root group (CurrentWare) to avoid data loss. Any sub OU will move up in the hierarchy and it keeps syncing along with the corresponding users.
• Renaming an OU on AD: when you rename an OU on AD, CurrentWare will see it as a new group on the Console. You will have to reconfigure your CurrentWare settings any renamed OUs.
  
  • What happens if I rename a group that has the same name as another group? The OU with the duplicate name will be removed and the users will be moved to the root group (CurrentWare) to avoid data loss.