Large organizations often use Microsoft Active Directory or Google G Suite to manage employee accounts on a company network. Pyrus works with both, and lets you easily manage the list of accounts synchronizing users with your identity provider.
This synchronization saves an administrator’s time, reduces the number of errors in creating new accounts, and enhances security by blocking access to former employees’ accounts across all systems.
The user automatically receives an invitation to Pyrus when a new account is created in Active Directory. When blocked in Active Directory, the user loses access to his or her Pyrus account, and all their active sessions are terminated across all devices.
Launch Pyrus Sync, then click Active Directory Sync in the left panel.
Pyrus Sync will prepare accounts for synchronization, and you will see everything being sent to Pyrus. You can change the mapping by selecting the right values in the Active Directory section.
Important: Only users from the organizational units (OU) whose titles end with “user” or “users” (like sales department users) will be synchronized.
If your organization structure has several hierarchy levels, you need to manually create those levels first in the Pyrus orgchart. Pyrus Sync will map the user attributes in Active Directory to the Pyrus organization structure during synchronization. If there are departments in Active Directory that aren’t listed in the organizational structure in Pyrus, they will appear in Pyrus after synchronization.
Note: Every two hours, Pyrus Sync tracks changes in Active Directory and prepares them for synchronization. If any changes should be sent immediately to Pyrus, click Update now before synchronizing.
Click Sync and the program will show the changes that it found.
The status indicated in the Status column shows why some users will be added and why others will be updated or blocked.
Pyrus Tip: The list of updated elements may include hundreds of entries. For example, when a company goes international, employee names should be transliterated into English. To find the right person on a large list, use the Search users field. The search supports regular expressions. Let’s suppose titles of some user accounts start with a number. To quickly find them, enter ^[0-9] in the search box.
If you don’t want certain accounts to be synchronized in Pyrus, mark them with a check in the list and click Add to exceptions.
Click Sync to start synchronizing. Pyrus Sync will report the results upon completion.
If you manage your users with G Suite, your colleagues can join your organization in Pyrus and log in with their corporate emails. If they’re blocked in G Suite, they can’t log in to Pyrus.
No synching with G Suite is necessary, just send a link to your colleagues. They will log in to Pyrus using their Google accounts and will be automatically added to your organization. Later on, your colleagues will be able to log in to Pyrus the same way, or with a code sent to their corporate emails.
If you block or delete users in G Suite, they will lose access to their corporate email and won't be able to log in to Pyrus.
Note: blocked users will lose access to Pyrus only after their active sessions are terminated, and only if they have not set a permanent password. We strongly recommend that you block the user in Pyrus on the User management page.