Entra ID (AAD) fields for UserSync on PrivaceraCloud
These are descriptions of fields for configuring PrivaceraCloud UserSync for Entra ID (AAD).
Add Connector
| Field name | Description |
| Enable Connector | Enable or disable this connector. |
| Service Type | AAD |
| Name | Identifying name of this connector. |
| Field name | Description | Tab in application set-up |
| Tenant ID | Tenant ID | Basic |
| Client ID | Application Client ID | Basic |
| Client Secret | Application Client Secret | Basic |
| Group Only | Sync only users that are members of groups. Allowable values: true or false | Advanced |
| Attribute Only | Sync only users that have the specified attribute. | Advanced |
| Incremental | Enable incremental search. Syncing only changes since last search. Allowable values: true or false | Advanced |
| Service Principals as Users | Enable sync of service principals as a User. Allowable values: true or false Default: false | Advanced |
| Search Deleted User | Enable detection of deleted users. Allowable values: true or false | Advanced |
| Search Deleted Group | Enable detection of deleted groups. Allowable values: true or false | Advanced |
| Sync Interval | Interval in minutes between syncs. Default value is 60. | Advanced |
| Add Custom Properties | Custom properties to pass to the connector. | Advanced |
| Field name | Description | Tab in application set-up |
| Include Users | List of users to include from sync results. If this list is defined, all users not on this list are ignored. | Basic |
| Include Groups | List of groups to include from sync results. If this list is defined, all groups not on this list are ignored. | Basic |
| Include Users by Domain | Include users by domain. If this list is defined, all users who are not a member of domains in this list are ignored. | Basic |
| Exclude Users | List of users to ignore from sync results. | Basic |
| Exclude Groups | List of groups to ignore from sync results. | Basic |
| Exclude Users by Domain | Exclude users by domain. If this list is defined, all users who are a member of domains in this list are ignored. | Basic |
Base Attributes
| Field name | Description | Tab in application set-up |
| Username | Attribute of a user’s username. Default: userPrincipalName. | Basic |
| First Name | Attribute of a user’s first name. Default: givenName. | Basic |
| Last Name | Attribute of a user’s last name. Default: surname. | Basic |
| Email | Attribute of a user’s email. Default: userPrincipalName. | Basic |
| Group Name | Attribute of a group’s name. Default: displayName. | Basic |
| Group Members | Attribute listing a group’s members. Default: . | Basic |
| Service Principal Username | Attribute of service principal name. Default: displayName | Basic |
| Extract From Email | Extract the attribute from an email address. Example: username@domain.com extracts username. Default: false | Advanced |
| Prefix | Prefix to prepend to the attribute value. No default. | Advanced |
| Postfix | Postfix to append to the attribute value. No default. | Advanced |
| To Lowercase | Convert the attribute value to lowercase. Default: false | Advanced |
| To Uppercase | Convert the attribute value to uppercase. Default: false | Advanced |
| Regex | Apply regex to attribute value. No default. | Advanced |
Custom User Attributes
| Field name | Description | Tab in application set-up |
| Attribute Name | Attribute key to sync with user. | Basic |
Custom Group Attributes
| Field name | Description | Tab in application set-up |
| Attribute Name | Attribute key to sync with group. | Basic |
OMNI for UserSync on PrivaceraCloud
To enable provisioning of user and group information into OMNI for UserSync in PrivaceraCloud, first ensure that your account is OMNI enabled and provisioned.
In UserSync Configuration, Configure Connector, Advanced tab add the following custom property:
| Text Only |
|---|
| usersync.user.loader.omni.enabled=true
|