Sync Rules
Use sync rules to determine how AD changes are reflected in the portal
Written by Owen Parry
Updated at July 27th, 2024
Table of Contents
Sync Rules
Sync Rules determine how changes made in AD are reflected in Password Boss. The Sync rules are configured from the Password Boss Portal by editing your Active Directory Connector.
The same sync rules are available for the Active Directory Connector and the Azure Active Directory Connector.
When a new user account is synced from Active Directory to Password Boss
- Create a user account in Password Boss. This is the recommended setting and will work best for most businesses.
- Create a pending user account in Password Boss that an admin must approve. When this setting is chosen, the new accounts will remain pending until an admin manually approves the accounts in the Password Boss Portal.
When a user account is deleted from the Active directory
- Disable the user account in Password Boss. This is the recommended setting and will work for most businesses. Note: there is no way to automatically delete accounts in Password Boss from the Active Directory connector. This is a safety mechanism to avoid accidentally deleting Password Boss accounts if an AD error occurs.
- Remove the user from your account and convert the user to a personal account. This setting will generally only be useful for businesses where users use their personal email addresses for their Password Boss accounts.
When a user account is disabled in the Active Directory
- Disable the user account in Password Boss. This is the recommended setting and will work for most businesses.
- This setting will generally only be useful for businesses where users use their personal email addresses for their Password Boss accounts.
When an Active Directory account is removed from syncing to Password Boss
- Disable the user account in Password Boss. This is the recommended setting and will work for most businesses.
- Remove the user from your account and convert the user to a personal account. This setting will generally only be useful for businesses where users use their personal email addresses for their Password Boss accounts.