Migrating Users from Active Directory/LDAP to Entra ID
The process below details how to migrate users from Active Directory/LDAP to Entra ID.
Before migrating with Entra Connect or another solution, note that Entra ID SSO authentication with a password is only supported for browser-based sessions, Files.com Desktop app, and the Files.com Mobile App. SFTP and API authentication use SFTP Keys or API Keys.
Set up Entra ID (SAML) alongside your existing Active Directory/LDAP SSO provider. Test the functionality with an existing Active Directory/LDAP user by updating their authentication method to Entra ID at User Accounts -> Users -> [Username] -> Authentication. Verify that the user can log in using the Sign in with Entra ID SSO button. After confirming Entra ID SSO works for a single user, update the authentication method for the remaining Active Directory/LDAP users to Entra ID. For a large user base, consider using one of our SDKs to script this process, and reach out if you need assistance. After all users are updated to use Entra ID authentication, you can safely remove the Active Directory/LDAP SSO provider.
Differences Between Active Directory/LDAP and Entra ID After Migrating Users
After migrating users from Active Directory/LDAP to Entra ID, behavior on the Files.com platform differs in a few ways:
| Field | Active Directory/LDAP | Entra ID |
|---|---|---|
| Can use AD/LDAP password for web browser based access? | Yes | Yes |
| Can use AD/LDAP password for FTP(S) / SFTP / WebDAV / API access? | Yes | No |
| Automated provisioning method (if configured) | Hourly sync | Immediate via SCIM (recommended) |
| Provisioning logs | Hourly sync logs available at Files.com External Logs | Provided by Azure at the Entra ID Provisioning logs |