Sync universal groups and users in a multi-domain Active Directory
Organizations can have multiple Active Directory (AD) domains for different geographical regions. To sync all of the users in all groups, EAA has the global catalog server option. When this option is not selected, groups and users belonging to other domains with the same AD forest will not be synced.
- Log in to the EAA Management Portal as an administrator.
- From the top menu bar select .
- Locate the directory card you want to enable global sync across multiple domains in the Active Directory. Click Settings (gear icon).
- Click Show additional attributes and select Global catalog server.
- Click Save directory.
Return to the directory card
and click Sync. You should see all users synced across multiple
Note: EAA uses ports 3268 and 3269 on the global catalog server to sync groups and users. Administrators should make sure EAA can communicate with the Active Directory on these ports and configure firewall rules to add these ports to allow list.