Audience: (ClassLink Administrator)
For additional customization, additional destination tools exist.
- All Destinations
- Active Directory
Certain destination mappings, marked as Unique, must be unique for each individual user. These include the following fields:
- Active Directory: sAMAccountName, userPrincipalName
- GSuite: primaryEmail
- Azure: userPrincipalName
If multiple users might have identical mappings for these fields, you can provide username generation rules that will map alternate values for those fields in case of conflicts. You can navigate to this module by clicking the button next to the desired mapping. To change the priority of any alternate mapping, you can click the up and down arrows. The Default mapping is highest priority. The 1st alternate is next highest priority, etc.
To prevent subsequent syncs from overwriting previously exported data of a specific mapping, you can click the arrows between OneSync and destination mappings to set override settings for that specific mapping. Current settings include: always map and only map when adding user. These settings can be applied to default mappings and custom mappings. In addition, toggles with the same functionality are available for enabling or disabling overrides for user account controls in Active Directory destinations.
To map to a custom attribute or property in a destination, you can first set your own attribute with the Default Mappings tab of a destination, above the destination fields. This attribute will then appear in mappings in the Default Mappings and Custom Mappings dropdowns.
For more information on GSuite custom attributes. click here.
User Account Controls
OneSync provides additional mappings and options for Active Directory destinations, including User Account Controls and Password Policies. These controls can be set in Default mappings, Custom mappings, and Events & Actions.
Dynamic Mapping Variables
In an Active Directory destination, you can create mappings for sAMAccountName and userPassword and then use these mappings in other mappings using the $ symbol. This includes default mappings, custom mappings, groups, and events & actions. In the example below, sAMAccountName is mapped using the givenName and surname fields, and then the userPrincipalName is mapped using sAMAccountName. The variables' most practical application, outside of default mappings, are in email events which detail an account's creation with the set password.
Advanced AD Fields
You can choose to display or hide more obscure, advanced AD fields in Default and Custom Mappings. Simply click the toggle in the upper right corner of both tabs.
Active Directory/GSuite Password Synchronization
OneSync does not currently offer the ability to sync passwords from Active Directory to GSuite. However, Google offers a tool to sync passwords which can be found here.
Google Cloud Directory Sync (GCDS)
Google offers a tool to sync your Active Directory and GSuite accounts. Click here for more information.
Updated: Jan 2019