Advanced User Synchronization Agent Integration (AUSI) – New Agent:
The Advanced User Synchronization agent is our next generation Passly Directory Syncing agent.
This agent provides the ability to synchronize physical Active Directory with any Passly organization.
This agent will replace the legacy Directory synchronization agent going forwards.
- This agent is currently a Beta version.
This is an server based agent sync.
- Physical Active Directory - Agent deployed on the Primary or Secondary Domain Controller.
Supported Operating Systems:
Windows Server 2016
Windows Server 2019
Windows Server 2022
Note: Passly only supports this agent when installed on a Domain Controller for Physical Active Directory.
Directory Types supported:
Physical Active Directory
Physical Active Directory - Must be installed on the Domain Controller (Primary or Secondary is acceptable).
Supported Microsoft .NET requirements:
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931
Microsoft Windows Desktop Runtime - 6.0.13 (x64)
Prerequisites to sync a user from AD to Passly
Note: Users will only be added if the following four pieces of information are present:
User Logon name.
Note: If any of the above-noted data is missing from a user then the sync will stop and no further users will be added until the missing data is updated in Active Directory.
Deploying & Configuring Advanced User Synchronization Integration (AUSI)
- Access your Passly tenant via https://(companyname).my.passly.com
Note: You must be a member of the Administrator Role to deploy and figure this agent.
- Select Directory Manager from the left menu.
- Select Directory Sync.
- Select the Blue + sign to add a new agent.
- Select the top icon for AUSI.
- Name the Agent.
Note: We suggest using the machine name where the agent is installed.
- Select your preferred Provisioning Policy
Note: We recommend using the Default Provisioning Policy while deploying or testing the agent.
Optional. Password Policy. You can enable the option to Synchronize password changes from Passly to Active Directory.
Note: This option is required if you want users to be able to reset their Active Directory via Passly.
Note: The Organization Password Policy must be updated via Directory Manager > Organizations > Specific Organization > Password Policy.
The Maximum Age & Minimum length need to make the Security policy applied in Group Policy for the Domain you are syncing.
- Select Add Agent.
- Select the Agent from the list.
- Select Download Installer.
Download the installer to the preferred Domain Controller.
Note: Ensure that the installer is copied to the local drive for the chosen Domain Controller. This installer does not support cross-Network installations.
- Run the Installer elevated to prevent issues from UAC (Universal Account Controls).
- Select Yes if prompted by UAC.
- Select Install.
- Select Next to install the agent.
- Select Next to continue the installation of the agent.
- Enter the Agent profile data to continue.
Note: These values are confirmed in the Passly UI and visible on Step 11.
Note: The Home realm is your tenant URL https://(companyname).my.passly.com
Note: Use the Home realm for the organization or sub-organization that you are installing to Example: organization: https://(companyname).my.passly.com or sub-organization: https://(client-companyname).my.passly.com
- Select Save Changes.
- Select Next to continue the installation.
- Chose Automatically Create a Service Account in Active Directory.
Note: If you need to use a custom Service Account Requirements:
Select Finish to complete the installation.
Click Close to complete the installation.
Navigate to Directory Manager > Directory Sync. Select the newly created AUSI Agent.
Note: If you refresh the page. The agent status should change from Created to Active:
Select the new AUSI Agent.
Select the Organizational Units tab.
Select the required Organizational Units.
Note: Selecting Organizational Units will allow you to define what items from Active Directory should be synchronized.
Note: Run Full Synchronization button allows you to initiate full synchronization anytime. This function will update OU and synchronize Users and Groups.
- Scroll down and click ‘Save Changes’:
- Congratulations AUSI installation is done! You can now use AUSI Agent.