Groups in Password Boss are used by your users when they share passwords in the Password Boss app. If you have groups created in AD that will be useful for your users to use when they are sharing passwords, then enabling Group synchronization in the Active Directory Connector will allow you to administer groups in AD and have changes synchronized to Password Boss.
When Group synchronization is enabled, what happens is that the users who you have configured to synchronize to Password Boss (Users tab in the Active Directory Connector) will also have groups attached to their accounts in Password Boss. Password Boss will synchronize Global Security Groups.
Enabling Group synchronization does not add any additional users to your account in Password Boss. The only user who will synchronize to Password Boss are the users who are in the group listed on the Users tab of the Active Directory Connector on your Windows Server.
For example, if you have the following users and groups:
- AD Users = User1, User2, User3, User4, User5
- Group = "Password Boss Users" - User1, User2, User3
- Group = "Marketing" - User1
- Group = "HR" - User2, User4
- Group = "Finance" - User3, User5
This is how the users and groups will be synchronized to Password Boss:
- On the Users tab of the Active Directory Connector the group "Password Boss Users" is selected
- On the Groups tab of the Active Directory Connector "Marketing" and "HR" are selected
- The following users will synchronize to Password Boss: User1, User2, User3
- The following Groups will synchronize to Password Boss: "Marketing", "HR"
- In Password Boss the "Marketing" group will contain: User1
- In Password Boss the "HR" group will contain User2. User4 is not synchronized since User4 is not in the group "Password Boss Users"
- In Password Boss the "Finance" group is not synchronized since the group is not selected on the Groups tab of the Active Directory Connector.
Updated almost 2 years ago