OneLogin seamlessly connects your directory infrastructure to thousands of cloud applications. Use Active Directory, LDAP, Google Apps, Workday or use OneLogin as your directory in the cloud. You can even manage multiple directories. For example, you might have employees in Active Directory, customers in LDAP, and contractors in OneLogin. Connect them all to OneLogin, which will present them as one unified directory to your cloud apps.
Let’s say you hire a new salesperson and assign them to the North American Sales Group in Active Directory. OneLogin’s Active Directory Connector pushes the change to OneLogin in real time and provisions the new user in Salesforce, Box, Google Apps and other cloud applications.
You can connect your Active Directory or LDAP server to OneLogin in minutes. For AD, just run the installer on a Windows server and you’re good to go. No firewall changes required. For LDAP, simply open a port in your firewall so OneLogin can reach it over SSL.
Connect Multiple Directories
Most cloud applications are only able to talk to one LDAP server at the time. If your users are stored in multiple directories, you can connect them all to OneLogin, which will present them as one unified directory to your cloud apps.
Real-Time User Sync
Active Directory users are synchronized in real-time, which means that creating, updating and suspending immediately take effect in OneLogin. Real-time sync streamlines administration and provides IT with an effective kill switch for users who need to be disabled immediately.
If you are using Workday as your HRIS solution, OneLogin can automatically import users from Workday. OneLogin can map employee fields in Workday to custom user fields in OneLogin and even provision these changes to your Active Directory.
OneLogin provides various ways of ensuring high-availability of your directory, even if you only have one instance of it. This ensures that users can always sign into OneLogin and access their applications.
If you are using OneLogin to provision users in cloud applications, you can also choose to push AD password changes to OneLogin so they can be synchronized with apps that use passwords, e.g. Google Apps needs POP3/IMAP passwords.
AD-FS and Other Identity Providers
If your organization is already using AD-FS or another on-premise identity provider, OneLogin’s SAML Service Provider interface allows you to sign users in via SAML or to use SAML chaining to sign users directly into applications through OneLogin.