It’s the Little Stuff – Connect Microsoft Active Directory to Workspace ONE Access/Identity Manager

Here’s a quick run-through of adding Microsoft Active Directory to Workspace ONE Access. First up, go to the URL of the Workspace ONE Access instance that you deployed. Use the URL and not the IP address: it has been noted that if you attempt to go to the IP address, your credentials will be rejected. Once you’ve logged in, open the drop-down at the top right and enter the Administration Console.

Next, select Identity & Access Management from the top menu bar and select Add Directory.

From there you should be able to select Add Active Directory over LDAP.

Next, choose a name for the directory that you are adding. It does not have to correspond to anything, but of course it should be a meaningful name. I left everything else as default, including the sync connector and the directory search attribute.

Scroll down in that same menu to add the bind user details that will allow Workspace ONE Access to see into your Active Directory schema. Enter your base DN, your bind DN, and then the bind user password, and hit Test Connection. If the entered information is correct, you will see a "connection is successful" banner above the menu.

Once you hit Save and Next, you should (or may) see what actions are being taken.

On the next screen, select the checkbox next to the automatically populated domain, which should match the one from the previous steps.

On this page of the steps, you are essentially checking and matching the attributes in Workspace ONE Access to the attributes found in Microsoft Active Directory. As you can see, certain attributes are marked as required. For your configuration and setup, this means that each entity that will be added from your Active Directory needs to have these attributes. For example, in one of my demo tests the user I tried to add did not have an email address, which caused later steps to fail when attempting to finalize the configuration.
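The missing-email failure described above can be caught before the sync is finalized. The following PowerShell check is an added example, not part of the original walkthrough or of the product's own tooling; the required attribute list, the function name, the sample users and the OU in the commented call are assumptions, so match the list to whatever your attribute mapping page marks as required.

```powershell
# Added example: list users that lack an attribute required by the directory sync.
# Assumption: these AD attribute names correspond to the required mapped attributes.
$RequiredAttributes = @('sAMAccountName', 'givenName', 'sn', 'mail')

function Find-UsersMissingAttributes {
    param(
        [Parameter(Mandatory)] [object[]] $Users,
        [Parameter(Mandatory)] [string[]] $Required
    )
    foreach ($user in $Users) {
        # An attribute counts as missing if the property is absent or blank.
        $missing = @(foreach ($attr in $Required) {
            $prop = $user.PSObject.Properties[$attr]
            if ($null -eq $prop -or [string]::IsNullOrWhiteSpace([string]$prop.Value)) {
                $attr
            }
        })
        if ($missing.Count -gt 0) {
            [pscustomobject]@{
                DistinguishedName = $user.DistinguishedName
                Missing           = $missing -join ', '
            }
        }
    }
}

# Constructed sample users so the check runs without a domain controller.
$sample = @(
    [pscustomobject]@{ DistinguishedName = 'CN=Alice Example,OU=Demo,DC=example,DC=com'
                       sAMAccountName = 'alice'; givenName = 'Alice'; sn = 'Example'
                       mail = 'alice@example.com' },
    [pscustomobject]@{ DistinguishedName = 'CN=Bob Example,OU=Demo,DC=example,DC=com'
                       sAMAccountName = 'bob'; givenName = 'Bob'; sn = 'Example'
                       mail = '' },   # blank email, as in the failed demo
    [pscustomobject]@{ DistinguishedName = 'CN=svc-demo,OU=Demo,DC=example,DC=com'
                       sAMAccountName = 'svc-demo' }   # no name or mail attributes
)

Find-UsersMissingAttributes -Users $sample -Required $RequiredAttributes |
    Format-Table -AutoSize

# Against a live directory (needs the ActiveDirectory module; the OU is a placeholder):
# $users = Get-ADUser -Filter * -SearchBase 'OU=Demo,DC=example,DC=com' `
#              -Properties $RequiredAttributes
# Find-UsersMissingAttributes -Users $users -Required $RequiredAttributes
```

Any user the function reports should be fixed in Active Directory, or excluded from the user DN you sync, before finalizing.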

Next, enter the group DN that you want to sync with and then hit Find Groups.

Once the group has been found, you can select all and hit Next.

At this stage, you will enter the DN of the users that you would like to sync, as I’ve done in the example.

This page is for review before finalizing the sync of your directory. The default sync schedule is one week, but you can hit the Edit button to adjust this.

Once the sync has started, you will see a banner. You can click the Sync Log button from there.

If you select Identity Providers, you should now see the sync details for the AD that you recently added.
