Features requiring write access to Active Directory (7.1.0)

Features requiring write access to Active Directory

There are some features that require write access to be enabled for the ThoughtFarmer AD service account. The settings for this account are configured on the Active Directory page.

Group synchronization using MS Exchange mode

ThoughtFarmer groups can be synced with AD/Exchange security or distribution groups. Without write access group sync can only occur in simple mode. This only allows for basic sync from AD to ThoughtFarmer for existing AD groups. Enabling write access allows group sync to operate in MS Exchange Mode. This adds the ability to automatically configure Discussion Capture pages for distribution groups from within ThoughtFarmer. Without write access all Discussion Capture pages must be configured manually.

User profile field mapping where ThoughtFarmer is the data owner

ThoughtFarmer can perform a two way mapping between AD user attributes and ThoughtFarmer profile fields. If ThoughtFarmer is set as the data owner then user updates to these fields will write back those changes to AD. This requires write access permissions for the AD service account as well as write access enabled in ThoughtFarmer. Please see Active Directory field mappings for more information.

With no write access enabled, all fields that are synced must have AD as the data owner. Any changes made by users will be overwritten when the Active Directory synchronization tasks "Refresh mapped user fields where the data owner is AD" is run.