External Group Synchronization

When you import a group from CentraSite's external authentication system, CentraSite fetches the group's details from the authentication system and automatically synchronizes (updates) the group's membership on CentraSite.

Group synchronization occurs in the following cases:

When you initially import a group from the external authentication system. This creates an externally managed custom group in CentraSite. When such an externally managed custom group is created, CentraSite queries the external system to determine which members of the group are registered users in CentraSite. Those users become members of the externally managed custom group on CentraSite.

When you add a user to CentraSite from the external authentication system. Whenever a new user is added from the external authentication system, CentraSite queries the external system to determine in which groups the user is a member. If any of those groups have been imported into CentraSite, the user is automatically added to the corresponding groups in CentraSite.

When a user is deleted from a group in the external authentication system. The removal of a user from a group can be done only in the external authentication system, and the change will be reflected in CentraSite when the synchronization occurs.

Assume that the users User1, User2, User3, User4 and User5 are defined on the external authentication system, and do not belong to any group on the external authentication system. Assume that all of these users except User1 have already been imported from the external authentication system to CentraSite, but do not yet belong to any group in CentraSite. Now assume that a group called GroupA is created in the external authentication system, and GroupA has members User1, User2 and User3.

If GroupA is imported to CentraSite, the registered CentraSite users User2 and User3 become members of GroupA in CentraSite, as the membership of the group is maintained in external authentication system (User 1 is not registered in CentraSite, therefore it is not available as a member in Group A). We cannot add more users manually to GroupA in CentraSite, since CentraSite just refers to the external authentication system for the membership details. However, if User4 and User5 are added to GroupA in the external authentication system, they also become members of the GroupA in CentraSite when the automatic synchronization occurs.

In this scenario, User1 is not yet a member of GroupA in CentraSite, since User1 is not a registered user in CentraSite. To add User1 to the group in CentraSite, you need to define User1 as a user in CentraSite and associate this user with GroupA in the external authentication system.