Setup and Sync from Active Directory/LDAP server

System requirements

Zoho Directory Sync Tool
  1. READ and REPLICATING DIRECTORY CHANGES permissions for the domains that need to be synced.
  2. .NET Framework - 4.6 or later
  3. Browser - Internet Explorer 9 or later
  4. Operating System - Windows 7 or later

Password Sync Agent
  1. Administrative privilege in Active Directory for the domains that need to be synced.
  2. .NET Framework 2.0 or 3.5 installed in all domain controllers, along with the HTTP Activation and Non-HTTP Activation features.
  3. Message queuing service enabled and running before installing the Password Sync Agent.
  4. The domain controllers must have had a full installation, rather than a server core installation.

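
To check the Sync Tool's permission requirement before installing, the following added example (not Zoho's code) lists every principal that holds a replication extended right on the domain root and compares the sync account against what this page asks for. The account name `EXAMPLE\svc-zohosync` and the function name `Get-ReplicationRightHolder` are assumptions made for illustration.

```powershell
# Added example: list principals holding replication extended rights on the domain root.
# Requires the ActiveDirectory module (RSAT), which also provides the AD: drive.
Import-Module ActiveDirectory

# Control-access-right GUIDs defined in the AD schema.
$ReplicationRights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'Replicating Directory Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'Replicating Directory Changes All'
    '89e95b76-444d-4c62-991a-0facbeda640c' = 'Replicating Directory Changes In Filtered Set'
    # An empty ObjectType on an ExtendedRight ACE grants every extended right.
    '00000000-0000-0000-0000-000000000000' = 'All extended rights'
}

function Get-ReplicationRightHolder {
    param([string]$DomainDN = (Get-ADDomain).DistinguishedName)

    $extended = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight
    foreach ($ace in (Get-Acl -Path "AD:\$DomainDN").Access) {
        $guid = $ace.ObjectType.ToString().ToLower()
        if ($ace.AccessControlType -eq 'Allow' -and
            ($ace.ActiveDirectoryRights -band $extended) -and
            $ReplicationRights.ContainsKey($guid)) {
            [pscustomobject]@{
                Principal = $ace.IdentityReference.Value
                Right     = $ReplicationRights[$guid]
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Hypothetical account name; replace with the account entered under LDAP Configuration.
$SyncAccount = 'EXAMPLE\svc-zohosync'
$Required    = 'Replicating Directory Changes'

$holders = @(Get-ReplicationRightHolder)
$holders | Sort-Object Principal, Right | Format-Table -AutoSize

$mine = @($holders | Where-Object { $_.Principal -eq $SyncAccount })
if (-not ($mine | Where-Object { $_.Right -eq $Required })) {
    Write-Warning "$SyncAccount has no direct '$Required' grant on the domain root."
}
foreach ($e in ($mine | Where-Object { $_.Right -ne $Required })) {
    Write-Warning "$SyncAccount also holds '$($e.Right)', which this page does not list as required."
}
```

The check only sees grants made directly to the account; rights inherited through group membership appear under the group's name in the table. Run it once per domain that will be synced, passing that domain's distinguished name as `-DomainDN`.
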
  1. Sign in to Zoho Directory, then click Admin Panel in the left menu.
  2. Go to Active Directory, then click Download.

  1. Install the downloaded file in the Domain Controller (DC), or a system connected to the DC.
  2. Open the tool, go to Zoho Sign-in, then sign in with your Zoho Directory admin credentials.
  3. Go to LDAP Configuration, then sign in with your LDAP domain's administrator credentials. Sign in to all the required domains.

  1. Choose the required OUs and objects to sync with Zoho.
    Note: You can check the users and groups that are eligible for sync by clicking View Count in Select OUs.
  2. To further filter the objects to sync, go to Exclusion Rules, then click Add Rule. Select the type of objects to filter out, select the field name and exclusion criteria, then enter the values. Click Add.
  3. Go to Attributes, then map the LDAP fields to the Admin Panel's fields. The attributes available to choose from are:
    1. Email ID
    2. Secondary Email
    3. SAM Account Name
    4. First Name
    5. Last Name
    6. Display Name
    7. Employee ID
    8. Job Title
    9. Department
    10. Work Location
    11. Date of Joining
    12. Reporting To
    13. Mobile
    14. Phone
    15. Website
    16. Fax
    17. Post Office Box
    18. Street Address
    19. City
    20. State
    21. Country
    22. Postal Code
  4. If you have users without a domain-based custom email address, consider using the Replace Domain option under the Email Address attribute. Learn more about replacing the domain.

  1. Go to Sync Settings, then set the following:
    1. Default Password: This one-time password will be used for all newly-created Zoho user accounts. Users will be prompted to set a new password during their first sign-in.
    2. User Settings: This setting dictates how the Sync Tool will handle user accounts deleted in the AD server.
    3. Create LDAP Group: This setting creates a Zoho Directory collaboration group named after your Portal Name, for all users synced from AD through this tool.
    4. Create Groups for OUs: This setting creates a Zoho Directory collaboration group named after the OU, for each OU that is being synced.
  2. Go to Directory Sync and review the list of all users and groups that are yet to be created, updated, or disabled. Click Sync.
    Note: You can see the status of all users and groups after the sync.