Skip to main content

This article applies to Cloud.

Other available versions:

Version 6 | Version 5 | Version 4icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business
Code42 Support

How Code42 User Directory Sync works

This article applies to Cloud.

Other available versions:

Version 6 | Version 5 | Version 4icon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business

Overview

Connecting your directory service to your Code42 environment is an important step in making sure the right users have access to the correct Code42 functionality. When you integrate Code42 User Directory Sync with your environment, Code42 periodically syncs with your LDAP infrastructure. This article describes the syncing process in detail. 

What is the Code42 User Directory Sync

Code42 User Directory Sync is a provisioning tool that can be installed anywhere. Once configured it connects your directory service to your Code42 environment and automatically adds, creates, updates, and deactivates users in Code42 based on changes made within your directory service. Code42 User Directory Sync was built using the LDAP version 3 standard, and it integrates with Microsoft Active Directory. 

How to configure

To download and configure Code42 User Directory Sync in your Code42 environment, contact your Customer Success Manager (CSM) for enterprise support at csmsupport@code42.com

What it does

When Code42 syncs with a directory service, Code42 User Directory Sync performs the following actions:

  • Authenticates (binds) with the directory service
  • After the initial sync, User Directory Sync only processes a user if a change is made to user attributes in the directory
  • Operates in read-only mode on the directory service
  • Receives the user information from your directory service via LDAP, translates it, and uses SCIM protocol to send the user information to Code42 
  • Adjusts user data in your Code42 environment to match your directory data:
    • Email
    • First name
    • Last name
    • Creates new users in your Code42 environment
    • Activates or deactivates users based on the Active script
    • Moves users to appropriate organizations based on the Org script
    • Applies roles to users based on the Role script and Role Mapping

What it does not do

  • Initiate communication with the directory service
    To initiate communication, run the User Directory Sync using a scheduling service, which is not included. 
  • Create new entries in the directory service
  • Modify the directory service

History

You can view the results of past LDAP syncs in your administration console at Identity Management > Sync Log. For more details, refer to the Identity Management reference

Logs

Activity appears in the  ldapConnector.log file within Code42 User Directory Sync. To view the log files:

  1. Sign in to the device where Code42 User Directory Sync is located. 
  2. Go to /C42UserDirectorySync-<version>/logs
  3. Select one of the ldapConnector.log files.  
Log files
Your Code42 environment creates a new file each time Code42 User Directory Sync runs or if the file reaches a certain size. The current application log is ldapConnector.log. Older logs are signified by ldapConnector.1.log, and so on.

External resources