AD Kit can add, deactivate, and delete users in Egnyte based on their Active Directory status. The below article covers the basics of such configuration for the sync_users action.

 

Adding users to Egnyte with AD Kit

AD Kit can add to Egnyte users that are:

  • created in the Active Directory,
  • added to the OU.

This is managed by the allow_create setting in the directory_service.ini file. If the setting is set to True, then any user in your directory service but not in your Egnyte domain will be created.

 

Deleting Egnyte users with AD Kit

AD Kit can delete in Egnyte users that are:

  • deleted in the Active Directory,
  • removed from OU,
  • disabled in the Active Directory.

This is managed by the combination of allow_delete and delete_disabled_users settings in the directory_service.ini file.

 

Deactivating Egnyte users with AD Kit

AD Kit can deactivate Egnyte users that are disabled in the Active Directory.

This is managed by the combination of allow_delete and delete_disabled_users settings in the directory_service.ini file.

 

Users deleting and deactivating examples

 

Active Directory The expected result in Egnyte Notes
User is Disabled

No changes

This is possible with add_users action instead of sync_users.

User gets Deactivated

allow_delete=False

or

allow_delete=True
delete_disabled_users=False

User gets Deleted

allow_delete=True
delete_disabled_users=True

User is Deleted

No changes allow_delete=False
User gets Deactivated

This is not possible with AD Kit.

User gets Deleted

allow_delete=True 

 

Users removed from the OU are treated like Deleted.