How to use the synchronisation of the enterprise directory groups ?

Read on to learn how to enable the synchronization of the enterprise directory groups.

Only the Administrator account and Moderators can manage this synchronization.


Step 1 - Setting up the synchronisation of the enterprise directory groups with LockSelf

If you have subscribed to the SSO interconnection option, you will be able to synchronize the groups of your enterprise directory with LockSelf. For this you will need to:

1. Set up, on the side of your enterprise directory, the synchronisation of your groups. You can opt for synchronization of:

  • all the groups in your enterprise directory
  • only part of the groups
    • for this case, you will have to apply a specific restriction from your enterprise directory, which differs depending on how it works. To do so, you can consult the documentation provided by the support of your directory provider.

2. After configuring the synchronization from your directory, ask your Account Manager to activate the synchronization of directory groups on your LockSelf instance (mandatory step).

Once it has been set up, you will need to perform the steps described in the next section to bring the groups of your directory into LockSelf.

Step 2 - Appearance of the directory groups in LockSelf

Once the synchronization is done, the groups will not appear in LockSelf automatically, because the groups are synchronized at the connection of the user.

It will therefore be necessary for a user who is a member of a group to log out and log back in to their LockSelf account (or create their own account if these groups are made up solely of new users) for the groups involved to appear.

Once a user has been reconnected (or their account activated), the enterprise directory group(s) to which they belong (and only these groups) will appear in LockSelf, in the Management tab, in the Directory Groups section.

🚨 In the case of a group composed solely of new users, the group will appear in the Directory Groups section, but only the user who has logged in will appear within the group. For all users in the group to be displayed, each of them must activate their account.

🚨 You can only share passwords or files with a user once they have validated their account and created their PIN code (which is the keystone of our encryption mechanisms).
🚨 If you add a new user to an existing group, when that user logs in, they will see the categories/folders that have been shared to the group in question, but will not see their contents, i.e. passwords/files. For these to appear, another user who is also present in the group must log in and log back in.
🚨If a user is removed from a directory group, they will no longer have access to passwords/files in categories/folders that had been shared with the group in question. However, their account will still exist and they will still be able to log in.