1. Home
  2. Knowledge Base
  3. On-premise/Customer-Hosted Server
  4. Active Directory
  5. Active Directory on Savance Workplace Version 10.3.47+

Active Directory on Savance Workplace Version 10.3.47+

In the previous system ADSync was performed using PagedSearch, in server version’s past 10.3.47, the AD Sync is performed by Directory Search ,which is more stable when compared to PagedSearch.

In Paged search, there may be a difference in number of expected directory entries (OUs, Groups, Users) due to some of the following constraints: server time limit and page size limit. In such cases, paged search returns only the number of directory entries that are collected before exceeding such limits.

Directory search is performed by retrieving directory entries (by page wise) belonging to the OU/Group.

This means you can now sync on Security Groups, and EIOBoard will automatically add and remove users as you add and remove people from the Security Group in Active Directory, so you don’t have to manage the template from the EIOboard side at all once you have the Security Group synced!

Server Name

If it’s not set to it already, you will have to switch the AD Server name in the EIOBoard Server settings to the Fully Qualified Domain Name.

This is because the AD Server name will now need to match the FQDN on the SSL certificate for the AD Server.

Authentication types

AD Sync uses the Auth Type value from the registry, so after upgrading EBServer,  please make sure that the correct auth type is selected under

ADSync > ConnectionSettings in EIOBoard Server Settings. If not, select the required auth type (mostly it will be ‘Secure’), save the changes and click Test Connection to test the connection.

The AuthenticationTypes enumeration specifies the types of authentication used in DirectorySearch:



Enables Active Directory Services Interface (ADSI) to delegate the user’s security context, which is necessary for moving objects across domains.


A user can use this option to boost the performance in a series of object manipulations that involve only methods of the base interfaces. However, ADSI does not verify if any of the request objects actually exist on the server. For more information, see the Fast Binding Option for Batch Write/Modify Operations article.


Equates to zero, which means to use basic authentication (simple bind) in the LDAP provider.


For a WinNT provider, ADSI tries to connect to a domain controller. For Active Directory Domain Services, this flag indicates that a writable server is not required for a serverless binding.


Encrypts data using Kerberos.


Requests secure authentication. When this flag is set, the WinNT provider uses NTLM to authenticate the client. Active Directory Domain Services uses Kerberos, and possibly NTLM, to authenticate the client.


Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit. Active Directory Domain Services requires the Certificate Server be installed to support Secure Sockets Layer (SSL) encryption.


If your ADsPath includes a server name, specify this flag when using the LDAP provider. Do not use this flag for paths that include a domain name or for serverless paths. Specifying a server name without also specifying this flag results in unnecessary network traffic.


Verifies data integrity to ensure that the data received is the same as the data sent.

Was this article helpful?

Related Articles