Product: OneSync
Audience: ClassLink Administrator
Destinations are directories or services that OneSync can export user accounts and data to. Valid destinations include Microsoft Active Directory, Microsoft Azure, and Google GSuite. Each destination type requires credentials or authorization in order to properly access the destination's user accounts. To learn more about authorization, click here.
Overview
- Add a Destination
- Select Users
- Default Mappings
- Custom Mappings
- Groups
- Events and Actions
- Advanced Settings and Additional Tools
- Authorization and Running Exports
Add a Destination
The following table details the steps included in adding a destination to OneSync.
| Step | Required | Description |
| Destination Details | Yes | Define and edit this destination’s basic details. |
| Select Users | Yes | Select the collection of users that will be exported to this destination. |
| Default Mappings | Yes | Define the mappings between OneSync fields and this Destination’s fields. These mappings will be applied to all users in this destination. For example, you can set the default password for all users in a destination. |
| Custom Mappings | No | For specific sets of users, define the custom mappings between OneSync fields and this Destination’s fields, which will override the default mappings. These users a subset of the previously selected users. Making no custom mappings will mean the sets of users not specified will use the default mappings. |
| Groups | No | Define which destination group a user will be provisioned to given a certain set of conditions. |
| Events & Actions | No | Define what event will occur when a user triggers a certain set of conditions |
| Advanced Options | No | Set miscellaneous settings. |
| Save Destination | Yes | You must click the “Save Destination” button in the lower right hand corner in order for changes to take effect |
Note: Additional tools are included in the destination creation and management process. To learn more about them, click here.
Select Users
To start creating a destination, you must first select the users that will be exported to this destination. You will form collections of users via conditions. You can click the eye icon next to a selection of users to preview that specific group of users. Click here to read more about the selection process and the logic used to achieve it.
Default Mappings
Destination Mappings, including default, custom, and groups, are used to set the values for properties in a destination. To assist in this process, OneSync offers Text Transformations which can be used to create custom alphanumeric strings based off an individual user’s properties. Selected fields from sources will be formatted with green text in Destination Mappings, since unmapped fields will return an error. You can preview Default Mappings by pressing the eye icon next to the Save Destination button.
To prevent subsequent syncs from overwriting previously exported data of a specific mapping, you can click the arrows between OneSync and destination mappings to set override settings for that specific mapping. Current settings include: always map and only map when adding user.
Custom Mappings
Custom Mappings define mappings that override the default mappings for users based on defined conditionals. Multiple custom mappings are organized by priority, with the greatest priority labeled as 1. If you make no custom mappings, then selected users will inherit the default mappings. You can use custom mappings in conjunction with the override settings for each mapping. You can also preview custom mappings by pressing the eye icon next to the Save Destination button.
Groups
Groups select users based on one or more conditionals to add to a destination group. If users no longer satisfy the conditionals for a groups or that group's name is changed, they will be removed from that group. Each group has an additional setting that decides whether or not to create a group if it does not exist.
Depending on the destination, you must enter a group path in a specific format:
- Active Directory: “CN=[insert group name here,OU=[insert OU name here]”, without the quotes or brackets. An OU is not required, if the group will be inserted into the base path. If multiple OU’s are used, they should be listed from most specific to least specific.
- GSuite: “ExampleGroupMapping@domain.com”, without the quotes. The group is an email address with a domain registered in GSuite.
- Microsoft Azure: A group name can be entered in plain text with no special formatting.
Events & Actions
Events & Actions are events that occur when a user triggers a condition based on its properties. The events include:
- Field & Value: a user is a assigned a value for the specified property
- From Source: for all users imported from a particular source
- User Is Added: a user is successfully added to a destination, not edited
- User Is Disabled: a user is disabled in OneSync by removing it from its origin source or deselected in a collection
- User Is Enabled: a user is re-enabled in OneSync
The actions include:
- Assign Property and Value: A user is assigned a value for the specific property.
- Email: Message the designated email address. Both the email address and the email body can be templated. You must enter email credentials in the Advanced Options tab for this action.
- Execute PowerShell Script: Run a PowerShell file of your own design, located in C:\ClassLink OneSync\Scripts.
- Move to OU: A user is moved to the specified organizational unit, formatted specifically for the destination type (e.g. “/OU name” for GSuite, “OU=[OU name]” for Active Directory, OU’s do not exist in Azure)
For more information about actions and configuring OneSync for specific actions, click here.
Advanced Settings and Additional Tools
Each destination type also has a final tab where you can set miscellaneous settings. These settings include:
- On disable action, disable users in destination?
- On disable action, remove a user from all groups in this destination?
- Configure username resolutions
Depending on the destination type, additional tools may be available. Click here for more details about advanced settings and tools.
Authorization and Running Exports
Before you can export to a destination, you must first authorize the connection to the destination. For more details about authorizing for different destination types, click here.
In order to trigger an export, the destination must be mapped with a collection of users from one or more sources. Users will be exported to destinations automatically once exports are both enabled in Settings and next to the desired destination on the Destinations page. You can also trigger an export manually either by toggling the Enable/Disable switch or pressing the Play button next to the desired destination on the Destinations page.
Updated: Mar 2019