Active Directory Connector v2
Most large companies use Microsoft Active Directory (AD) to automate changes for user identities and application privileges. The Active Directory Connector (ADC) receives Active Directory user updates and automatically makes the same changes in your GoTo account. The ADC accesses all users in selected AD groups containing GoTo users and all users in any subgroups. All new users are added to one of your validated company email domains in the External Admin SCIM* service. If a company chooses, they can use the information generated by this process to entitle (and suspend) user accounts using the User Sync service.
* SCIM is the System for Cross-domain Identity Management that defines how user identities are managed across multiple systems, generally over the Internet.
Active Directory articles
Implementation of the Active Directory Connector consists of installation, setting permissions and Active Directory groups, and running the ADC to start receiving updates. You can view the user updates in the Organization Center ( documentation | login). Existing users are updated only if information from the AD is different than what is in the SCIM organization.
- A corporate GoTo account with at least one admin who has both organization and GoToMeeting admin roles
- One or more verified organization domains
- Active Directory groups and users set up
On initial launch, the ADC reads the identified groups in the AD and generates a list of users. It compares this list with the information already in the company’s domain organization. Any valid new users are added, and any users that exist in both AD and the domain organization account get updated as needed. If there are users in the domain organization but not in the AD, they can remain depending on the company’s policies and practices - for instance, these users may be consultants, non-Windows users, etc.
After initial launch, the ADC syncs at the polling interval you set. During a sync, any new AD user in a linked group is added, any modified user is updated, any expired or deleted user is suspended.
The ADC passes the identity data to SCIM which creates users on the company’s GoTo account. These users are members of the company’s domain organization and can then be entitled, either through User Sync, or manually, to use specific products.
Comparison with prior ADC versions
Earlier ADC releases did more work on the local servers, integrated user entitlements, and embedded business rules in the application itself. This design led to customer issues with local repositories and enforced updates (which required a complete re-install) when business rules changed. These issues have been resolved with v2.x
Upgrading from an earlier version is straightforward. You uninstall the v1.x version, and install v2.x. Configure v2.x to point to the correct Active Directory groups and run the service. Your existing users are recognized. Any changes are communicated via the new ADC to the External Admin service.
|1.5 and earlier||Windows Svr 2008 R2 +||Customer server with ADC read permissions||Added to corporate account||Completed within ADC workflow|
|1.6||Windows Svr 2008 R2 +||Customer server with ADC read permissions||Added to domain organization |
and corporate account
|Completed within ADC workflow|
|2.x||Windows Svr 2008 R2 +||Customer server with ADC read permissions||Added to domain organization account||Add to corporate account and optionally |
completed through User Sync