Synchronize Users

Automatic synchronization of existing directory services.

2 min read

General

We offer the ability to synchronize existing user directories with us. This enables fully automatic provisioning and deprovisioning of users - particularly relevant for larger organizations. We currently support the following user directories:

  • LDAP
  • AD
  • CSV

Process

For synchronization, we provide the Famedly-Sync tool. The tool can be downloaded and installed in your own infrastructure.

  1. First, it is determined whether Famedly or the customer operates the Famedly-Sync tool. This party will be referred to as the "operator" in the following.
  1. The operator installs the tool. During a subsequent setup appointment, the tool is configured jointly by the customer and Famedly.
  1. After setup, all users (for example, based on group membership) are synchronized. The following data is transferred:
    • First name (attribute must be available in the AD)
    • Last name (attribute must be available in the AD)
    • Email address (attribute must be available in the AD)
    • Persistent assignment attribute (attribute must be available in the AD)
    • Preferred display name (optional)
    • Telephone number (optional)
    Passwords are never synchronized!
  1. The operator ensures regular execution of the tool. With each execution, new people are created in Famedly and deactivated or deleted people are removed.

Features

Email Address Verification

When this feature is enabled, users must verify their email address upon their first Famedly login.

Phone Number Verification

When this feature is enabled, users must verify their phone number upon their first Famedly login.

SSO Login

For this feature to work, SSO login must be additionally activated and configured. Users can then perform authentication using SSO.

Exclusive Deactivation

When this feature is enabled, users are only deactivated and deleted, but not newly added. This feature can only be activated with SSO login or CSV import.

⚠️
Note on the use of existing authentication procedures

If you use an existing authentication procedure of your organisation for the login of users or if this is made possible by us as a provider, please note the following:

In this case, the responsibility for the security of user authentication lies with your organisation. Please ensure that the procedure used meets the current security requirements and is regularly maintained.

It must also be ensured that the authentication procedure is fully under the control of your organisation. In particular, this means that authentication means (e.g. passwords, tokens, certificates) can be managed by your organisation and blocked if necessary.

These requirements are necessary to ensure secure and traceable authentication of your users.

Did this answer your question?