1475 - Configuring and starting the Active Directory Synchronization Service

  • Updated on Feb 6, 2026
  • 1 minute(s) read
  • VN
 Prev Next

Configuring and starting the Active Directory Synchronization Service

Summary

This article describes how to configure and start the Active Directory (AD) Synchronization Service for SES. AD Sync enables SES to import and maintain user and organizational unit (OU) information from Active Directory. AD Sync does not sync the user’s passwords nor devices.

IMPORTANT:

Before proceeding, ensure a full backup of the production database is completed.

Prerequisites

Minimum Requirements for the AD Sync Service Account

The service account used for AD Sync must have:

  • Read access to Active Directory
  • Membership of the Local Administrators group
  • DB Owner permissions on the SES SQL database

Configuration Steps

Step 1: Register the AD Sync Service

  1. Highlight AD Sync Service in the SES console.
  2. Select the account under which the service will run.
    • Default: Local System
    • Other options: Network Service or a specified User Account
  3. Click Register.

A screenshot of a computer AI-generated content may be incorrect.

Step 2: Load the Key File

  1. Browse to the key file path.
  2. Select the key file and enter the associated password.
  3. Once authenticated, the Server\Instance and Database fields will auto-populate.
  4. Click the Apply button at the bottom of the page

A screenshot of a computer AI-generated content may be incorrect.

Step 3: Add a Domain

  1. Navigate to the Sync Config tab.
  2. Right‑click Root of Tree View.
  3. Select Add Domain.

A screenshot of a computer AI-generated content may be incorrect.

Step 4: Configure Domain Access

  1. Enter the Active Directory Server Name.
  2. Provide the domain account credentials that have read access to AD.
    • Format: domain\username
    • Click Browse Forest.
  3. If one or more domains are detected, select the appropriate domain and click OK.

A screenshot of a computer AI-generated content may be incorrect.

Step 5: Select OUs for Synchronization

  1. In the left panel, click the domain to expand the OU structure.
  2. Check the boxes for the Domain and the OUs that should be synchronized.
  3. Click Save Sync.

A screenshot of a computer AI-generated content may be incorrect.

Step 6: Perform a Full Synchronization

  1. Click Full Sync.
  2. A confirmation message will appear indicating the configuration was saved successfully. Click Yes to proceed.

A screenshot of a computer error AI-generated content may be incorrect.

Step 7: Start and Monitor the AD Sync Service

  1. Click OK to save all settings.
  2. Right‑click the AD Sync Service and select Start.
  3. Click Monitor to view synchronization progress.

The synchronization is complete when Total Successful Synchronizations equals 1.
Verify that the expected OUs and users appear in the SES console.

A screenshot of a computer AI-generated content may be incorrect.

NOTE: Depending on the size of the Active Directory environment, the initial synchronization may take a few hours. The service will time out after 4 hours, so if the domain isn’t fully synced within this time, the service will time out.

Related articles