Synchronizing with the Directory Synchronization Client

Note: Support for Directory Synchronization Client is limited to the most recent version and the version that immediately preceded it.

You specify which groups to synchronize using an LDAP search facility on the Directory Synchronization Client,. There is great flexibility in selecting the appropriate data to synchronize. For example, you can use the membership of an LDAP group attribute to select the users you want, even though you may not select that group in the group synchronization setup itself.

Note: If you add or change a group name in Active Directory or move a group from one organizational unit (OU) to another, be sure to add the new name to the group inclusion list on the Directory Synchronization Client before the next synchronization. Otherwise, the group is deleted from the portal.

Regardless of how many groups you synchronize, user detail must be sent as part of a separate user synchronization. When you synchronize a group, you transfer information about the group but not about its contents. User synchronizations include details of the group(s) to which users belong. When you apply a web policy or an email policy to a synchronized group, that policy is applied to all synchronized users who are members of that group.

Please refer to the Directory Synchronization Client Administrator’s Guide in the Technical Library for more information on using the LDAP search feature to target only those users and groups that are required.