Skip to content

Sync users in Sophos Central

You need to import users from your directory service.

To do this, you set up directory service synchronization in Sophos Central (if you haven't already done this).

Our instructions show how to set up synchronization from Azure AD to Sophos Central.

Note

If you have on-premise Active Directory (AD), the steps depend on which identity provider (IdP) you plan to use for ZTNA:

  • If your IdP will be Azure, synchronize from AD to Azure AD first (using Microsoft AD Connect). Then follow our instructions below.
  • If your IdP will be Okta, follow the instructions in Set up synchronization with Active Directory.

To set up synchronization from Azure AD to Sophos Central, do as follows:

  1. Sign in to Sophos Central.

  2. Go to Global Settings. Under Administration, click Directory service.

  3. Click Get started.

    Screenshot of directory service page

  4. In Select directory service, select Azure AD Sync.

    Screenshot of Select directory service dialog

  5. In Configure Azure Sync Settings, do as follows:

    1. In Step B: Configure Azure Sync Settings, enter the settings you used for your Azure tenant and click Test Connection.
    2. In Step C: Select users and groups to include in the sync, choose which groups you want to sync.

      The groups you select must be security enabled in Azure AD.

      For more information on how to use the filters, see Filter users and groups in the Sophos Central Admin help.

    3. Click Save & Sync in the upper right of the page.

    Screenshot of Directory service page

  6. Your user groups are imported. To check this, go to Overview > People and click the Groups tab.

    Screenshot of user groups list

To keep your groups synchronized with Sophos Central in future, you can set up scheduled synchronization. See "Set up your synchronization schedule" in Set up synchronization with Azure AD.

Next, set up an identity provider.