📋 Free Download: 2026 HIPAA Compliance Checklist — updated for the latest OCR enforcement priorities. Get it free →

Administrator Guide 9 min read

Active Directory Integration

Connect AXIS CloudSync to your Active Directory (AD) or LDAP server to automatically sync users and groups. Employees can log in with their existing domain credentials, and new hires are provisioned automatically.

Overview & Benefits

AXIS CloudSync's Active Directory integration uses LDAP to synchronize your existing directory with the platform. Instead of manually creating and managing user accounts, your AD becomes the single source of truth.

  • Automatic provisioning — New AD users are automatically created in AXIS CloudSync.
  • Automatic deprovisioning — Disabled AD accounts are automatically suspended in AXIS CloudSync.
  • Group-based Team Shares — Map AD groups to AXIS CloudSync Team Shares for automatic membership management.
  • Single Sign-On — Users log in with their existing domain credentials — no separate AXIS password required.
  • Reduced IT overhead — One place to manage access across all systems.

Prerequisites

  • Active Directory (Windows Server 2012 R2 or later) or an LDAP-compatible directory server.
  • A service account in AD with read access to the users and groups you want to sync.
  • Network connectivity between your AD server and the internet (for AXIS CloudSync to query your directory).
  • AXIS CloudSync Administrator access.

Note

If your AD server is behind a firewall, you may need to configure a firewall rule to allow outbound LDAP (port 389) or LDAPS (port 636) connections, or use the AXIS CloudSync AD Connector agent for on-premises environments.

Configuring the Integration

  1. 1In the Admin panel, navigate to Settings → Integrations → Active Directory.
  2. 2Click Configure Active Directory.
  3. 3Enter your AD server details: Server hostname or IP, Port (389 for LDAP, 636 for LDAPS), and Base DN (e.g., DC=yourcompany,DC=com).
  4. 4Enter the Service Account DN and Password for the read-only service account.
  5. 5Click Test Connection to verify AXIS CloudSync can reach your AD server.
  6. 6If the test succeeds, click Save Configuration.

Tip

Use LDAPS (port 636) instead of plain LDAP (port 389) for encrypted communication between AXIS CloudSync and your directory server. This is required for HIPAA compliance.

Syncing Users & Groups

  1. 1After configuring the connection, navigate to Settings → Active Directory → Sync Settings.
  2. 2Select the Organizational Units (OUs) or Groups you want to sync into AXIS CloudSync.
  3. 3Map AD groups to AXIS CloudSync Team Shares if desired — members of the AD group will automatically be added to the corresponding Team Share.
  4. 4Set the sync frequency: Real-time (recommended), Hourly, or Daily.
  5. 5Click Save and then Run Initial Sync to import users immediately.
AD StateAXIS CloudSync Action
New user added to synced OU/GroupUser account created in AXIS CloudSync
User removed from synced OU/GroupUser account suspended in AXIS CloudSync
User account disabled in ADUser account suspended in AXIS CloudSync
User details updated in AD (name, email)AXIS CloudSync account updated automatically

Single Sign-On (SSO)

With AD integration enabled, you can optionally configure Single Sign-On so users authenticate with their domain credentials instead of a separate AXIS CloudSync password.

  1. 1Navigate to Settings → Integrations → Single Sign-On.
  2. 2Enable Active Directory SSO.
  3. 3Configure the SSO settings according to your AD environment.
  4. 4Test SSO by logging out and logging back in with your AD credentials.

Note

SSO does not bypass Two-Step Authentication. If 2FA is enforced, users will still be prompted for their second factor even when using SSO credentials.

Troubleshooting

  • Connection test fails — Verify the server hostname, port, and service account credentials. Check firewall rules to ensure AXIS CloudSync can reach your AD server on the specified port.
  • Users not syncing — Confirm the service account has read access to the selected OUs and groups. Check the sync log in Settings → Active Directory → Sync Log for error details.
  • User can't log in with AD credentials — Verify SSO is enabled and the user's AD account is in a synced OU. Check that their AD email matches their AXIS CloudSync email.
  • Sync is slow — Large directories may take time on the initial sync. Subsequent syncs are incremental and much faster. Contact support if the initial sync takes more than 30 minutes.
Back to All Tutorials
Schedule a Demo