Syncing accounts with Active Directory

If your company uses Active Directory, you can import user accounts from it and automatically create employee accounts in Yandex.Mail 360 for Business.

You can also set up a sync schedule to download regular data updates from Active Directory.

Data export from Yandex.Mail 360 for Business to Active Directory is not supported.

To sync employee accounts with Active Directory, make sure that:

  • You have an administrator account for the company in Yandex.Mail 360 for Business.
  • You have a verified domain linked to your company.
  • You have a username and password for an account with read access to Active Directory catalog.
  • You have installed the Connect Directory Sync application for Windows.
  1. Setting up synchronization with Active Directory
  2. How syncing works

Setting up synchronization with Active Directory

  1. Allow the application to access your company.
  2. Configure the filters that will select users to sync from Active Directory.
  3. In the Connect Directory Sync application, go to Sync status and click Start synchronization.
  4. To update data from Active Directory regularly, configure the sync schedule.

How syncing works

During synchronization, the Connect Sync Directory looks for user accounts in Active Directory that match the filters you set. Then Connect Directory Sync imports the following data from the found accounts:

Active Directory account attribute Account field in Yandex.Mail 360 for Business
gn (givenName) First name
sn (surname) Last name
title Position
sAMAccountName Username
mail Email
Note. The Connect Directory Sync application does not load user passwords from Active Directory.

If the gn, sn, sAMAccountName, or mail account attributes are missing for an account, it won't be imported to Yandex.Mail 360 for Business.

The data from the found accounts is used to create or update employee accounts in Yandex.Mail 360 for Business:

  • If a found account hasn't been imported yet (for example, during the first sync), a new employee account will be created.

    The password for the new account will be generated automatically and sent to the email address loaded from the Active Directory account (mail attribute).

  • If a found account has already been imported, the employee account will be updated.
  • If the account has been imported but was not found during syncing, the employee account will be blocked.

    This might happen if LDAP filter parameters have been changed. If you change the filter again so that the account appears in the search results, the employee account will be unblocked during the next sync.