New Group

As is the case with Password Depot Enterprise Server users, you can choose one of the following options to add new groups to the Server Manager:

1. Using the button New group
2. Through Active Directory Synchronization 
3. Through Azure AD Synchronization

Add new groups manually

You can add new, local standard groups to the Server Manager manually using the New group button available in the Groups area on the right. Add a group name afterwards. If required, you can also add a detailed group description to the Description field. Manually created, local groups are standard groups always and you cannot change that. Using the Members tab you can add new users to a group afterwards. For more information, please also have a look at the chapter Group Properties.

HINT: You can add local users as well as Active Directory or Azure AD users to standard groups. Depending on the corresponding user type, the group members will choose the appropriate authentication type for the Enterprise Server login.

Add new groups through Active Directory synchronization

You can also add Active Directory groups to the Server Manager (through Active Directory synchronization). This may be helpful, for example, if you would like to use already existing Active Directory groups in the Server Manager also. To start synchronization, open the Server Manager and go to Tools → Active Directory Synchronization. The group objects will then be imported into the Server Manager from Active Directory. If synchronization could be completed successfully, you can see all objects that were imported from Active Directory in the Groups area afterwards. 

Password Depot also supports nested AD security groups.

WARNING: If group A is a member of group B and group A is imported via the built-in AD synchronization wizard, group B and its users will also be imported (if not unchecked manually). If any users get unselected Password Depot will not import the coresponding group but only the selected users.

When you launch the wizard you will first have to provide information about the domain you would like to use for importing users/groups to Password Depot Enterprise Server:

Groups that have been added to the Server Manager through Active Directory synchronization will also include the corresponding Active Directory users/members automatically. If a database is assigned to an Active Directory group afterwards, all group members (=AD users) can logon to the Enterprise Server through Integrated Windows Authentication (SSO). Again, please note the following in this case: During authentication a user's user name and password will be sent to the Active Directory. A message will then be sent back to Password Depot saying that the data sent is either correct or wrong. Based on this information the login will either be completed (if the data sent is correct) or denied (if it is wrong). Therefore, it is important that the user data available in the Server Manager corresponds to the user data in the Active Directory. Thus, we recommend performing Active Directory synchronization on a regular basis in order to transfer changes from the Active Directory into the Server Manager, too.

HINT:  Find out more about Active Directory synchronization in the chapter of the same name. 

Add new groups through Azure AD synchronization

If administrators want to work with Azure AD groups in the Server Manager, synchronization is required, too. To start synchronization, open the Server Manager and go to Tools → Azure AD Synchronization. The group objects will then be imported into the Server Manager from Azure AD. If synchronization could be completed successfully, you can see all objects that were imported from Azure AD in the Groups area afterwards.   

As is the case with Active Directory groups all Azure AD groups, that have been added to the Server Manager through Azure AD synchronization, will also include the corresponding Azure AD users/members automatically. If a database is assigned to an Azure AD group afterwards, all group members (=Azure AD users) can logon to the Enterprise Server using the Azure AD Authentication. 

HINT: Find out more about Azure AD synchronization in the chapter of the same name.

See also: Add Users, Add users by department

 

 

Return to the Password Depot homepage • Support Center • Legal Notice • Privacy Policy