Destinations are directories or services that OneSync can export user accounts and data to. Valid destinations include Microsoft Active Directory, Microsoft Azure, and Google GSuite. Each destination type requires credentials or authorization in order to properly access the destination's user accounts. To learn more about authorization, click here.
The following table details the steps included in an adding a destination to OneSync.
|Destination Details||Yes||Define and edit this destination’s basic details.|
|Advanced Options||No||Setup email notifications, custom attributes and extensions, and other miscellaneous settings.|
|Select Users||Yes||Select the collection of users that will be exported to this destination.|
|Default Mappings||Yes||Define the mappings between OneSync fields and this Destination’s fields. These mappings will be applied to all users in this destination. For example, you can set the default password for all users in a destination.|
|Custom Mappings||No||For specific sets of users, define the custom mappings between OneSync fields and this Destination’s fields, which will override the default mappings. These users a subset of the previously selected users. Making no custom mappings will mean the sets of users not specified will use the default mappings.|
|Group Mappings||No||Define which destination group a user will be provisioned to given a certain set of conditions.|
|Events & Actions||No||Define what event will occur when a user triggers a certain set of conditions|
|Save Destination||Yes||You must click the “Save Destination” button in the lower right hand corner in order for changes to take effect|
Note: Additional tools are included in the destination creation and management process. To learn more about them, click here.
Before creating a destination, you can setup email notifications that work in conjunction with Events & Actions; custom attributes and extensions for mappings; and miscellaneous settings in the form of toggles.
To start creating a destination, you must first select the users that will be exported to this destination. You will form collections of users via conditions. You can click the eye icon next to a selection of users to preview that specific group of users. Click here to read more about the selection process and the logic used to achieve it.
Destination Mappings, including default, custom, and group mappings, are used to set the values for properties in a destination. To assist in this process, OneSync offers text transformations which can be used to create custom alphanumeric strings based off an individual user’s properties. Selected fields from sources will be formatted with green text in destination mappings, since unmapped fields will return an error. You can preview default mappings by pressing the eye icon next to the "Save Destination" button.
To prevent subsequent syncs from overwriting previously exported data of a specific mapping, you can click the arrows between OneSync and destination mappings to set override settings for that specific mapping. Current settings include: "always map" and "only map when adding user".
Custom Mappings define mappings that override the default mappings for users based on defined conditionals. Multiple custom mappings are organized by priority, with the greatest priority labeled as "1". If you make no custom mappings, then selected users will inherit the default mappings. You can use custom mappings in conjunction with the override settings for each mapping. You can also preview custom mappings by pressing the eye icon next to the "Save Destination" button.
Group Mappings select users based on one or more conditionals to add to a destination group. If users no longer satisfy the conditionals for a group mapping or that group mapping's name is changed, they will be removed from that group. Each group mapping has an additional setting that decides whether or not to create a group if it does not exist.
Depending on the destination, you must enter a group path in a specific format:
- Active Directory: “CN=[insert group name here,OU=[insert OU name here]”, without the quotes or brackets. An OU is not required, if the group will be inserted into the base path. If multiple OU’s are used, they should be listed from most specific to least specific.
- GSuite: “ExampleGroupMapping@domain.com”, without the quotes. The group mapping is an email address with a domain registered in GSuite.
- Microsoft Azure: A group name can be entered in plain text with no special formatting.
Events & Actions
Events & Actions are events that occur when a user triggers a condition based on its properties. The three events include:
- Field & Value: a user is a assigned a value for the specified property
- From Source: for all users imported from a particular source
- User Is Added: a user is successfully added to a destination, not edited
- User Is Disabled: a user is disabled in OneSync by removing it from its origin source or deselected in a collection
- User Is Enabled: a user is re-enabled in OneSync
The two actions include:
- Assign Property and Value: a user is assigned a assigned a value for the specific property
- Email: message the designated email address. Both the email address and the email body can be templated. You must enter email credentials in the Advanced Options tab for this action.
- Execute PowerShell Script: run a PowerShell file of your own design, located in "C:\ClassLink OneSync\Scripts"
- Move to OU: a user is moved to the specified organizational unit, formatted specifically for the destination type (e.g. “/OU name” for GSuite, “OU=[OU name]” for Active Directory, OU’s do not exist in Azure)
In order to trigger an export, the destination must be mapped with a collection of users from one or more sources. Users will be exported to destinations automatically once exports are both enabled in settings and next to the desired destination on the Destinations page. You can also trigger an export manually either by toggling the enable/disable switch or pressing the play button next to the desired destination on the destinations page.
Authorization and Additional Tools
Depending on the destination type, additional tools may be available. Click here for more details.
For more details about authorizing for different destination types, click here.