Use directory syncs to synchronize your active directory (AD) with Ivanti Endpoint Security. Create directory syncs from the Directory Sync Schedule page.

Attention: To successfully complete a directory sync, port 389 must be open on:

• The Ivanti Endpoint Security Server
• The network domain controller

1. From the Navigation Menu, select Tools > Directory Sync Schedule.
2. Click Create.
   The Schedule Directory Sync dialog opens.
3. Type the domain controller name in the Directory server/computer field.
4. Type the domain name in the Domain name field.

   If you select the Specify one or more directory containers as sync sources options, defining this field is unnecessary.

5. In the Domain\user name field, type a user name that authenticates with the domain controller in the following format: DOMAIN\username.
6. Type the password associated with the user in the Password field.
7. In the Confirm password, retype the password.
8. Select the appropriate Sync scope option.
   These options define whether the directory sync synchronizes with entire directory or individual containers within the directory.

   Tip: Select the Specify one or more directory containers as sync sources options for one of the following reasons:

   • The AD is large, causing long synchronization times.
   • Portions of the directory are geographically dispersed and thus require a sync at different starting and ending times.
   • Portions of the directory may be updated more frequently than others and thus require a sync at different intervals.
   • The credentials defined in the Domain\user name field cannot access the entire domain.

Option	Step
To sync the entire domain:	Select the Sync the entire domain (recommended) option. Click Next.
To specify one or more directory containers as sync sources:	Select the Specify one or more directory containers as sync sources option. Click Next. In the field, type the fully-qualified domain name of the directory containers you want to sync (for example, OU=Sub- Organization Unit,OU=Organization Unit,DC=Domain Controller). Click Add Directory Path. Specify additional directory containers by repeating the previous two steps. Review the Directory Path list. Click the applicable Delete icon to remove directory paths you do not want to add. Click Next.

The Schedule Sync page opens.

9. Schedule the sync.

Option	Step
To schedule a daily sync:	Select the Daily option. Type the desired Start date in a mm/dd/yyyy format. Type the desired Start time in a hh:mm format. You may use 12-hour or 24-hour formatting. In the Run every x days field, type how often you want your sync to run. Schedule an End by date. To schedule an End by date, select the check box and type an end date in a mm/dd/yyyy format.
To schedule a weekly sync:	Select the Weekly option. Type the desired Start date in a mm/dd/yyyy format. Type the desired Start time in a hh:mm format. You may use 12-hour or 24-hour formatting. In the Run every x weeks on field, type the desired increment. Select the check boxes associated with the days you want the sync to run. Schedule an End by date. To schedule an End by date, select the check box and type an end date in a mm/dd/yyyy format.
To schedule a monthly sync:	Select the Monthly option. Type the desired Start date in a mm/dd/yyyy format. Type the desired Start time in a hh:mm format. You may use 12-hour or 24-hour formatting. Select an option: To schedule the sync for a specific date, select the Run on the x day every x months option. Then define the day and months fields. To schedule the sync for a relative day, select the Run on the x x every x month. Then define the drop-down lists and the months field. Schedule an End by date. To schedule an End by date, select the check box and type an end date in a mm/dd/yyyy format.

Rather than typing a specific date or time when scheduling the sync, you may select them from a menu. Click the Calendar and Clock icons to open these menus.

10. Click Finish.
    The Schedule Directory Sync dialog closes and the sync is scheduled. An item for the sync displays in the Schedule Directory Sync page list.

    After you create the sync, select it from the Schedule Directory Sync page and click Sync Now to run it immediately.

After creating a directory sync, you can edit its synchronization schedule and its synchronization target. Edit directory syncs from the Directory Sync Schedule page.

1. From the Navigation Menu, select Tools > Directory Sync Schedule.
2. Select the check box associated with the directory sync you want to edit.
3. Click Edit.
   The Schedule Directory Sync dialog opens.
4. [Optional] Edit the Directory server/computer field.
5. [Optional] Edit the Domain name field.
6. [Optional] Edit the Domain\user name field.
   1. Edit the Password field to the password associated with the new user name.
   2. Retype the password in the Confirm password field.
7. [Optional] Edit the Sync scope option.
   Follow the applicable sub-steps to edit the sync scope.

Option	Step
To sync the entire domain:	Select the Sync the entire domain (recommended) option. Click Next.
To specify one or more directory containers as sync sources:	Select the Specify one or more directory containers as sync sources option. Click Next. In the field, type the fully-qualified domain name of the directory containers you want to sync (for example, OU=Sub- Organization Unit,OU=Organization Unit,DC=Domain Controller). Click Add Directory Path. Specify additional directory containers by repeating the previous two steps. Review the Directory Path list. Click the applicable Delete icon to remove directory paths you do not want to add. Click Next.

8. Schedule the sync.

Option	Step
To schedule a daily sync:	Select the Daily option. Type the desired Start date in a mm/dd/yyyy format. Type the desired Start time in an hh:mm format. You may use 12-hour or 24-hour formatting. In the Run every x days field, type how often you want your sync to run. Schedule an End by date. To schedule an End by date, select the check box and type an end date in a mm/dd/yyyy format.
To schedule a weekly sync:	Select the Weekly option. Type the desired Start date in a mm/dd/yyyy format. Type the desired Start time in an hh:mm format. You may use 12-hour or 24-hour formatting. In the Run every x weeks on field, type the desired increment. Select the check boxes associated with the days you want the sync to run. Schedule an End by date. To schedule an End by date, select the check box and type an end date in a mm/dd/yyyy format.
To schedule a monthly sync:	Select the Monthly option. Type the desired Start date in a mm/dd/yyyy format. Type the desired Start time in an hh:mm format. You may use 12-hour or 24-hour formatting. Select an option: To schedule the sync for a specific date, select the Run on the x day every x months option. Then define the day and months fields. To schedule the sync for a relative day, select the Run on the x x every x month. Then define the drop-down lists and the months field. Schedule an End by date. To schedule an End by date, select the check box and type an end date in a mm/dd/yyyy format.

Rather than typing a specific date or time when scheduling the sync, you may select them from a menu. Click the Calendar and Clock icons to open these menus.

9. Click Finish.
   The Schedule Directory Sync dialog closes and the changes are saved. The associated list item for the sync changes according to your edits, and the sync runs against the applicable AD at the new schedule time.

Delete Directory Syncs when they are no longer needed. Delete syncs from the Directory Sync Schedule page.

1. From the Navigation Menu, select Tools > Directory Sync Schedule.
2. Ensure the page is filtered to display disabled syncs.
3. Select the Directory Syncs you want to delete.
4. Click Delete.
   The Directory Syncs are deleted.

After creating a directory sync, you can trigger it to synchronize with its targeted Active Directory at any time, regardless of its schedule.

Run immediate directory syncs from the Directory Sync Schedule page.

1. From the Navigation Menu, select Tools > Directory Sync Schedule.
2. Select the Directory Syncs you want to run immediately.

   You can only run immediate directory syncs for enabled syncs. For additional information refer to Enabling Disabled Directory Syncs.

3. Click Sync Now.
   The selected syncs run immediately.

Rather than deleting a directory sync, you can temporarily disable it when unnecessary. Disabling unnecessary directory syncs can improve network bandwidth at the applicable syncs scheduled time.

Disable directory syncs from the Directory Sync Schedule page.

1. From the Navigation Menu, select Tools > Directory Sync Schedule.
2. Select the Directory Sync you want to disable.

   In some instances, you may need to filter the page to display to show enabled syncs.

3. Click Disable.
   The selected Directory Sync are disabled and will not run at its scheduled date and times.
   Synchronization will not occur until the sync is re-enabled.

After disabling a directory sync, you may re-enable it at any time. Re-enable directory syncs from the Directory Sync Schedule page.

1. From the Navigation Menu, select Tools > Directory Sync Schedule.
2. Ensure the page is filtered to display disabled Directory Syncs.
3. Select the Directory Syncs you want to re-enable.
4. Click Enable.
   The selected directory syncs are re-enabled. Synchronization occurs at the next scheduled time.

To export the directory sync information listed on Schedule Sync Schedule page to a comma separated value (.csv) file, click the Export button. Exporting data lets you work with that data in other programs for reporting and analytical purposes.

For additional information refer to Exporting Data.