Change directory service

Follow these instructions to change your directory service.

These instructions assume you're already using a directory service in Sophos Central and that you want to change services.

Restriction You must be an Admin to set up or change directory services.

If you have existing users or groups in Sophos Central, make sure they have a match in your new directory service if you want to add, remove, or change their details using that service.

If any users or groups don't have a match, you need to manage them manually in Sophos Central.

If you change from Active Directory to Azure AD, we recommend that you uninstall the Active Directory Synchronization Setup utility and remove your Sophos API credentials. Sophos Central rejects new data from Active Directory once you change directory service. You must stop the synchronization between Active Directory and Sophos Central.

If you change from Azure AD to Active Directory, you lose your filter settings.

You can choose not to use a directory service. If you choose this option, your users and groups remain in Sophos Central, but you can't synchronize any changes. You need to manage your users and groups in Sophos Central.

To change directory service, do as follows:

  1. Review the requirements for your chosen directory service so that you have the information you need for setting up the new service.
  2. Go to Overview > Global Settings > Directory service.
  3. Click Change directory service?
  4. Choose the directory service you want to move to.
    • AD sync
    • Azure AD sync
    • None
  5. Click Next and review and acknowledge the warning.
  6. Click Next.
  7. Now follow the steps for setting up your chosen directory service.