Synchronize With Active Directory

Within Device Control, you can assign policies to your organization using two types of objects: users or endpoints. Fortunately, your organization may already contain a resource full of these objects: Active Directory (AD).

Instead of recreating user and endpoint objects in Endpoint Security by yourself, you can synchronize these objects from your Active Directory using the AD Synchronization feature. This feature scans your existing AD for users and endpoints, and then lists them in the Endpoint Security Console.

While creating your Device Control policies, you can choose users or endpoints for policy assignment.

To Synchronize With Active Directory:

If you also use Application Control, and you've already configured your Endpoint Security Server to synchronize with Active Directory, skip these steps and proceed to Configure Options.

  1. From the Endpoint Security Console, select Tools > Directory Sync Schedule.

  2. Click Create.

    3. The Schedule Directory Sync wizard opens.

  3. Complete each page of the Schedule Directory Sync wizard.

    • Use this wizard to sync a single domain, multiple domains, or portions of a domain (organizational units).
    • For domains that change frequently, schedule daily or weekly syncs.
    • For domains that change infrequently, schedule monthly syncs.
  4. Click Finish when you're done.
    • The synchronization is scheduled. It runs at the time you specified.
    • After the synchronization completes, you can view the objects that it found by selecting Manage > Groups and selecting the Users tab.