Manage User Sync Rules
User Sync rules allow you to select an Active Directory group and add a rule about the products for which the users in this group will receive entitlements for, and what administrative privileges they will have. You may have multiple rules for a given directory group (also known as organization group), and a user may belong to more than one group in the Active Directory. If you have multiple rules, you can manage the priority of the rules.
Topics in this article:
Click Create your first rule, then fill in the applicable fields for each section, as follows:
- Log in to the Admin Center at https://admin.logmeininc.com.
- Click Create your first rule.
- In the "Select a group from your company directory" section, use the drop-down menu to select your desired directory group for which this rule will apply. If desired, you can add notes about this directory group in the "Description" field.
Note: Directory groups are user groups in your Active Directory that are populated by running the ADC service.
- In the "Products" section, check the box(es) to enable the product(s) to assign to these users within your selected directory group.
- If this directory group will not have admin or manager privileges, move on to Step #6. Otherwise, check the box to enable the "Administrator for this Account" option, then choose 1 of the following options:
- Select Full access to all account privileges to grant full admin permissions.
- Select Manager for specified group(s) with limited privileges to customize admin permissions as follows:
- Privileges – Click the list of privileges hyperlink, check the box(es) to apply your desired permissions, then click Apply.
- Groups: – Click None Selected, select 1 or more user groups to which your entered user(s) will be assigned, then click Apply.
- Under User Details, use the drop-down menu to select 1 of the following options:
- A customized Welcome email template. Once selected, you can choose from Preview, Edit, or Delete.
- Click Create New Template to make a new one – if selected, you will continue to remain on the same page and keep your changes thus far.
- Leave as-is to select the Default Welcome Email template, which you can click Preview to display its contents.
- Next, select a default language for your directory group, which will display the following in your selected language:
- Welcome Email
- All product Web App pages
- If applicable, the application that you download and/or install to host sessions
Note: An active user can change their own default language settings at any time.
- Next, select a user group that you have created, or leave as-is to select No Group (learn more about how to create a user group).
- If your directory group is enabled to use RescueAssist and you want to assign device group(s), click None Selected to open a list, then check the box(es) of device group(s) that you want to apply to this directory group of users (learn more about how to create a device group).
- Lastly, use the drop-down menu to select a default settings template you have already created, or leave as-is to select Default. A settings template is a specific profile that you can create that allows you to apply a set of default feature settings (per product within your account) to a directory group (e.g., disabling the ability to record GoToMeeting sessions for all organizers within a directory group). Learn more about how to create a user settings template.
- Click Save if you are finished, or click Save & add another to save and move on to create settings for your next directory group.
- If you have more than 1 rule, you will need to prioritize them.
If you have multiple rules, you can click and drag on each rule in the "Re-order" column to adjust the prioritization of the order in which the rules apply. The rule with the highest ranking (i.e., lowest priority rule number) takes precedence over subsequent rules, meaning Rule #1 takes priority over Rule #2.
If you have users that exist in 1 or more directory groups, all assignments contained within the rule with the highest priority ranking will be used in favor of the same assignments contained in lower priority rule(s). Here are some examples:
- A user is in 2 directory groups with 2 rules assigned: Rule #1 is assigned User Group A and Rule #2 is assigned User Group B. Since only 1 user group can be assigned to a user, they will be assigned to User Group A from Rule #1 as it is ranked highest in priority.
- A user is in 2 directory groups with 2 rules assigned: Rule #1 is assigned Device Group A and Rule #2 is assigned Device Group B. Since you can have multiple device groups assigned to a user, the user will be assigned both Device Group A and Device Group B.
Note: Device group assignment is only applicable to accounts provisioned with GoToAssist Remote Support.
- A user is in 3 directory groups with 3 rules assigned: Rule #1 is assigned GoToMeeting Pro, Rule #2 is assigned GoToMeeting Plus, and Rule #3 is assigned GoToAssist Remote Support. The user will be assigned GoToMeeting Pro (due to higher ranked priority of the rule) and GoToAssist Remote Support.
Note: For rules that contain more than 1 product tier (e.g., GoToMeeting Pro and GoToMeeting Plus), the rule with the highest priority ranking will be assigned, even if it is a lower-tiered product.
Once you have set up your rules and their prioritization, then you are ready to run User Sync as follows:
- Toggle the switch on to enable the "User Sync is on" option.
- If desired, you can click Activity History in the left menu to monitor admin activities.
Congratulations! You have completed all of the steps for setting up the Active Directory Connector v2. You can also learn more about updating the ADC v2 to the latest version when new versions become available.
If you run User Sync and the sync fails, detailed banner(s) are displayed to inform you of the reason for the failure (e.g., users have existing accounts, out of licenses, etc.).
For each type of failure, you can click Details to view the list of users that were unable to be synced, and take appropriate action by either contacting support or purchasing more licenses to accommodate more users. Once the cause of the failure is resolved, you can click Retry sync to run the sync again. Additionally, sync failure messages are also logged in the Activity History.
- Click Edit on the rule you want to modify, then make changes to any of the value(s).
- Click Save when finished, or to keep creating more rules, click Save & add another.
Users within directory groups are never deleted. If all applicable rules for a user are deleted, the user becomes in a state of "suspended" which retains their account and product-related data (e.g., upcoming meetings, stored recordings, etc.). Only the settings within the rule are removed from use while the users will continue remain on your account.
- Click the Delete icon to remove a rule, then click Yes, delete to confirm.
Steps for setting up the Active Directory Connector v2 and managing users in User Sync:
- Review the Active Directory Connector v2
- Review the Active Directory Connector v2 requirements
- Set up an organization
- Install the ADC v2
- Configure the ADC v2
- Run the ADC v2
- Manage custom attributes (optional)
- Manage User Sync rules
- Update the ADC v2 to the latest version (if applicable)
- Troubleshoot the ADC v2 (if needed)