Active Directory (AD) is an on-premise user data store that is generally used by organizations to manage user identities and groups. Organizations that have been using AD servers for a long time will have grown very dependent on the service, and will have a hard time shifting to modern, cloud-based solutions. The best way for these organizations to move to a cloud solution like Zoho One is by administering their users in Zoho One's admin panel, while maintaining their data in their on-premise AD.

As we discussed in our earlier forum announcement, the easiest way to administer employees whose data is stored in an Active Directory server is by using the AD Sync Tool.

The AD sync tool is a locally installable, one-way sync tool that syncs the user and group data present in your Active Directory to your Zoho One Account. It also comes with a Password Sync Agent that syncs user passwords when installed in a domain controller.

If you're using Active Directory to store your organization's users and groups, you can use the tool as soon as you sign up for Zoho One. If the AD attributes you use aren't available in the Zoho One admin panel, or if you've created custom attributes in AD, we suggest you create the appropriate Custom Fields in Zoho One before syncing.

Not at all. The tool performs an one-way sync, so the changes will be made only in Zoho One, and not in the AD.

No, the Password Sync Agent doesn't sync alongside the AD Sync tool. It doesn't sync as soon as it's installed in a domain controller either. It syncs a user's password only when that particular password is reset in the AD.

To learn more about syncing users from AD servers, go through our Knowledge Base articles on the sync tool.

We hope this was useful. Have any other burning questions about the AD sync tool? Drop a comment, and we'll answer.