User Group Synchronization
When users log on to ShareBase using external authentication, the ShareBase IdP can automatically create new user groups in ShareBase based on the groups that the users belong to in the external system.
If a group is removed from the external system, the corresponding user group is not removed from ShareBase. To remove the user group from ShareBase, delete it using ShareBase Administration.
If a group is renamed in the external system, a user group with the new name is created in ShareBase when a member of the external group logs in. The user is removed from the ShareBase user group with the old name.
The following table outlines how ShareBase user groups are created for different types of groups in AD FS:
|
Group Scope |
Expected Behavior |
|---|---|
|
Universal |
A user group is created in ShareBase the first time a member of the AD FS group logs in. If a user group of the same name already exists in ShareBase, then the AD FS group is mapped to the existing ShareBase group. |
|
Global |
A user group is created in ShareBase the first time a member of the AD FS group logs in. If a user group of the same name already exists in ShareBase, then the AD FS group is mapped to the existing ShareBase group. |
|
Domain Local |
ShareBase user groups are not created based on domain local groups. |
|
Distribution |
ShareBase user groups are not created based on distribution groups. |