& Construction
![architecture engineering and construction collection logo](https://damassets.autodesk.net/content/dam/autodesk/www/universal-header/flyout/architecture-engineering-construction-collection-uhblack-banner-lockup-364x40.png)
Integrated BIM tools, including Revit, AutoCAD, and Civil 3D
& Manufacturing
![product design manufacturing collection logo](https://damassets.autodesk.net/content/dam/autodesk/www/universal-header/flyout/product-design-manufacturing-collection-uhblack-banner-lockup-364x40.png)
Professional CAD/CAM tools built on Inventor and AutoCAD
Integrated BIM tools, including Revit, AutoCAD, and Civil 3D
Professional CAD/CAM tools built on Inventor and AutoCAD
Transcript
00:03
As a primary administrator for your Autodesk account, you are able to incorporate the use of active directory sync.
00:09
In this video, we introduce this tool and discuss the benefits.
00:15
Having implemented Autodesk SSO, you have leveraged your company's active directory for authentication.
00:21
This means that once a user authenticates on your domain,
00:24
the credentials are passed to Autodesk through the SAML assertion protocol,
00:28
to subsequently authenticate their Autodesk IDs and provide immediate access to their Autodesk software and services.
00:38
Once the Autodesk SSO has been fully enabled,
00:41
any user who is able to authenticate on your domain and does not have an existing Autodesk account,
00:46
will have an Autodesk account automatically created using the self-registration functionality of SSO.
00:53
This new account is automatically added to your company's Autodesk tenant as a new user.
00:58
However, it is important to remember that,
01:00
this still leaves assigning software entitlements to this new user up to your account's primary administrator.
01:07
Until entitlements are assigned, the new user will not have access to any software licenses that they may need.
01:16
To take your Autodesk implementation one step further, you can enable active directory sync.
01:21
This allows administrators to define groups of users on your company domain that can be synced to your Autodesk account.
01:28
This allows users to be added to a team without requiring users to sign-in or self-register,
01:34
or administrators to manually invite them to the Autodesk account.
01:38
When coupled with the team's feature to assign products by groups,
01:42
this provides a user provisioning workflow where a user can be added to the group in an organization's directory,
01:49
synced to a read-only group in the team in the Autodesk account, and then be automatically assigned software access.
01:57
Directory sync also provides a clean deprovisioning process,
02:01
where users removed from the organization's directory will no longer have product access or be a part of the sync group.
02:11
There are four distinct phases to implementing active directory sync.
02:16
The first of these phases is the preparation phase.
02:19
This is an important phase that sets the stage for a successful implementation of active directory sync.
02:26
To begin, you want to ensure that SSO has been enabled for the domain that you were intending to sync from.
02:31
You will also want to identify a domain administrator that has access to your identity provider tools,
02:37
as they will be required to help set up directory sync and may be required to install a directory agent.
02:43
And then, the final step in this preparation phase is to identify your directory environment method.
02:49
Autodesk offers two methods of implementing directory sync.
02:53
The first being on-premise, which uses an active directory agent,
02:57
which is a downloadable component that is installed on the local domain server to create a directory sync connection in your Autodesk account.
03:06
The second is using a system for cross-domain identity management or SCIM, which is an industry standard for creating a directory connection.
03:15
The two supported are Azure and Okta.
03:20
The next two steps of implementation is where you will focus on setting up and configuring active directory sync for your account.
03:28
The steps in these phases vary depending on the method you choose for implementation.
03:34
These steps have been conveniently detailed in Autodesk Single Sign-on configuration as shown here.
03:41
In the final phase, you will enable active directory sync to start the synchronization,
03:46
and then you should login to Autodesk account and be sure to review the results.
03:50
Unlike the SSO implementation that benefits users with an easier login process,
03:56
this active directory sync implementation benefits the administrators the most,
04:00
in that now user creation and software entitlements can be driven through your active directory.
Video transcript
00:03
As a primary administrator for your Autodesk account, you are able to incorporate the use of active directory sync.
00:09
In this video, we introduce this tool and discuss the benefits.
00:15
Having implemented Autodesk SSO, you have leveraged your company's active directory for authentication.
00:21
This means that once a user authenticates on your domain,
00:24
the credentials are passed to Autodesk through the SAML assertion protocol,
00:28
to subsequently authenticate their Autodesk IDs and provide immediate access to their Autodesk software and services.
00:38
Once the Autodesk SSO has been fully enabled,
00:41
any user who is able to authenticate on your domain and does not have an existing Autodesk account,
00:46
will have an Autodesk account automatically created using the self-registration functionality of SSO.
00:53
This new account is automatically added to your company's Autodesk tenant as a new user.
00:58
However, it is important to remember that,
01:00
this still leaves assigning software entitlements to this new user up to your account's primary administrator.
01:07
Until entitlements are assigned, the new user will not have access to any software licenses that they may need.
01:16
To take your Autodesk implementation one step further, you can enable active directory sync.
01:21
This allows administrators to define groups of users on your company domain that can be synced to your Autodesk account.
01:28
This allows users to be added to a team without requiring users to sign-in or self-register,
01:34
or administrators to manually invite them to the Autodesk account.
01:38
When coupled with the team's feature to assign products by groups,
01:42
this provides a user provisioning workflow where a user can be added to the group in an organization's directory,
01:49
synced to a read-only group in the team in the Autodesk account, and then be automatically assigned software access.
01:57
Directory sync also provides a clean deprovisioning process,
02:01
where users removed from the organization's directory will no longer have product access or be a part of the sync group.
02:11
There are four distinct phases to implementing active directory sync.
02:16
The first of these phases is the preparation phase.
02:19
This is an important phase that sets the stage for a successful implementation of active directory sync.
02:26
To begin, you want to ensure that SSO has been enabled for the domain that you were intending to sync from.
02:31
You will also want to identify a domain administrator that has access to your identity provider tools,
02:37
as they will be required to help set up directory sync and may be required to install a directory agent.
02:43
And then, the final step in this preparation phase is to identify your directory environment method.
02:49
Autodesk offers two methods of implementing directory sync.
02:53
The first being on-premise, which uses an active directory agent,
02:57
which is a downloadable component that is installed on the local domain server to create a directory sync connection in your Autodesk account.
03:06
The second is using a system for cross-domain identity management or SCIM, which is an industry standard for creating a directory connection.
03:15
The two supported are Azure and Okta.
03:20
The next two steps of implementation is where you will focus on setting up and configuring active directory sync for your account.
03:28
The steps in these phases vary depending on the method you choose for implementation.
03:34
These steps have been conveniently detailed in Autodesk Single Sign-on configuration as shown here.
03:41
In the final phase, you will enable active directory sync to start the synchronization,
03:46
and then you should login to Autodesk account and be sure to review the results.
03:50
Unlike the SSO implementation that benefits users with an easier login process,
03:56
this active directory sync implementation benefits the administrators the most,
04:00
in that now user creation and software entitlements can be driven through your active directory.
Sign in to start learning
Sign in for unlimited free access to all learning content.Save your progress
Take assessments
Receive personalized recommendations