We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
mxoh
7 years agoCollaborator | Level 10
I have a question about Azure AD and Dropbox. Can you help?
Hey there,
Has anyone tried connecting Azure AD to Dropbox? Does it provision groups? The instructions only mention about provisioning users https://www.dropbox.com/help/business/microsoft-azure-ad
- Thanks a lot for all the additional details mxoh, I'd happily follow-up with you on this question more closely!So as to further address your inquiries in the best possible way (& since this may need to be addressed by a specialized colleague), I’ve made sure to reach out to you directly via email (on the email address connected to your Forum profile).At your convenience, please check your inbox for my latest message and let me know here if you have any issues locating it.Thanks again & I’ll be awaiting your next email, so as to move forward on the matter together. I'm wishing you a wonderful rest of your day ahead!
- WalterDropbox Staff
Hey there mxoh - thanks for posting your question here.
While on the setup process, admins can choose if they'd like to sync AD groups to Dropbox. Meaning that those AD groups would be created as Dropbox groups and have the users added to it. The admin can select whether they’d like to use the same AD group (earlier chosen to sync users e.g. "Dropbox") to also sync their groups. An alternative group can be selected to sync groups e.g. "Dropbox-Groups" essentially meaning you manage your users through one group "Dropbox" and your groups through another group "Dropbox-Groups".
Moreover, when the AD connector runs, it checks the configured AD sync group and compares it to Dropbox, then does one of the following group actions:
1. Creates Dropbox group(s) if the group doesn’t exist in Dropbox already
2. Add members to groups, if applicable (only if users are also in their respective group of users that will sync).Additionally, have in mind that changes from Dropbox Business will not sync back to Active Directory. Once created, deleting a group from Active Directory will not delete the corresponding group from Dropbox Business. Instead, all users will be removed from the Dropbox group if either:
1. All members are removed from the sync group in Active Directory
2. The sync group e.g. "Dropbox-Groups" is removed from the Configuration step.I hope this helps clear this up and please let me know if you have any further questions.
Cheers!
- v-wasmitNew member | Level 2
Did you ever fiind out how to provision groups in the Azure portal? I have been working on this myself and it turns out when i navigate in the Azure Portal
Active Directory - Enterprise Applications - Dropbox - Provisioning - and scroll down to mapppings
We only see 1 link for provisioning users (and most applicaitons have 2 links )
Provision users
Provision Groups
- WalterDropbox Staff
Hey there v-wasmit - sorry to hear that.
Can you first make sure you're following these steps here to do this? To learn more about user provisioning with the AD Connector you can also refer to this page.
Having said that and as I'd really like to help with this, can you elaborate on what exactly is not working for you and maybe provide a screenshot so we can have a visual of this as well?
Let me know what you find please!
- A-CASTExplorer | Level 3
mxoh I believe I truly understand your question as I'm in a similar position as I'm also trying to figure some things out with setting up Dropbox for Business with AD.
Although, this question was marked as solved, it doesn't really give the answer as it was probably given to you via direct email. On this post however, everyone that tried to help from Dropbox didn't understand your question. I'm posting this for the benefit of those like me that didn't get that confirmation via a direct email.
I found this article on Microsoft that explains it easily that yes Azure AD does support both users and groups:
The one thing I'm still hung up on is finding out if both AD Connector is needed or just Azure AD, because from everything I've read it seems there is an older way that's not going to be available as mentioned in the article and a new one via Azure AD. So, for the provisioning of users and groups and using SSO it seems Azure AD works for that without using AD Connector.
From what I'm understanding and please correct me if I'm wrong anyone, the AD Connector says it's only used if we wish to sync groups not just users, but yet Azure AD says it can do both...this is where I'm stuck but I will be testing this soon and I'll eventually get my answer if I don't find it online first :-)
About Security and Permissions
Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.
Need more support
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!