Skip to main content
Browse Documentation

Run AD synchronisation with single sign-on

Created by j.moore, last updated 01 May 2020

You can continue to run the AD synchronisation feature alongside an AD FS integration. If you are running the sync then users and groups will be created within Contensis as normal and any AD FS users will be updated and moved into their relevant groups.

Note: If you are running the AD Synchronisation and you have the global setting DirectoryServices_DeleteInvalidUsersAndGroups set to true then AD FS users will be deleted if they aren’t a member of the groups being synchronised.

It is recommended that all users allowed to login via AD FS are included in the groups which are being synchronised via the AD synchronisation feature.