User Import & Synchronization
Import users from Active Directory, Azure AD, or CSV files with automated synchronization
Overview
PhishFortress supports multiple methods for importing and synchronizing user data from your existing systems. This ensures your security awareness program stays up-to-date with organizational changes and reduces administrative overhead.
Prerequisites
You'll need appropriate permissions in your directory service (Active Directory, Azure AD) or access to user data in CSV format. Some integrations require administrator approval.
Import Methods
Choose the import method that best fits your organization's infrastructure and requirements.
CSV Import
Upload user data from spreadsheet files
Fastest Setup
- • One-time or periodic imports
- • No system integration required
- • Full control over data format
- • Supports bulk operations
Active Directory
Sync with on-premises AD infrastructure
Automated Sync
- • Real-time synchronization
- • Group and OU mapping
- • Attribute synchronization
- • Secure LDAP connection
Azure AD
Connect with Microsoft cloud directory
Cloud Native
- • OAuth 2.0 authentication
- • Microsoft Graph API
- • Group membership sync
- • Conditional access support
CSV Import Process
CSV import is the quickest way to get started with user data in PhishFortress. Follow these steps for a successful import.
Data Preparation
- Download the CSV template from Users → Import Users → Download Template
- Gather user information from your HR system or directory
- Clean and validate email addresses for accuracy
- Organize users into logical groups or departments
- Ensure all required fields are populated
Data Quality Tips
Remove duplicate entries, validate email formats, and ensure consistent department naming before import.
Active Directory Integration
Connect PhishFortress with your on-premises Active Directory for automated user synchronization and group management.
Setup Requirements
Prerequisites for Active Directory integration
Network Requirements
- • LDAP/LDAPS connectivity to domain controller
- • Firewall rules for ports 389/636
- • DNS resolution for domain controllers
- • Network latency under 100ms
Service Account
- • Dedicated service account
- • Read permissions on user objects
- • Access to organizational units
- • Password never expires setting
Security Note
Use a dedicated service account with minimal required permissions. Avoid using administrator accounts for LDAP connections.
Configuration Steps
Step-by-step setup process
- Navigate to Integration Settings: Go to Settings → Integrations → Active Directory
- Configure Connection: Enter domain controller details, service account credentials, and base DN
- Test Connection: Verify connectivity and authentication with the test button
- Map Attributes: Configure how AD attributes map to PhishFortress user fields
- Set Sync Schedule: Configure automatic synchronization frequency
- Initial Sync: Perform the first synchronization and review imported users
Example Configuration
Server: dc1.company.com:636
Base DN: OU=Users,DC=company,DC=com
Service Account: CN=phishfortress,OU=Service Accounts,DC=company,DC=com
Sync Schedule: Every 4 hoursAzure Active Directory Integration
Connect with Microsoft Azure AD using modern OAuth 2.0 authentication and Microsoft Graph API for seamless cloud-based user synchronization.
Azure AD Setup
Configure Azure AD application and permissions
Application Registration
- Sign in to the Azure portal as a Global Administrator
- Navigate to Azure Active Directory → App registrations
- Click "New registration" and name it "PhishFortress Integration"
- Set redirect URI to the provided PhishFortress callback URL
- Note the Application (client) ID and Directory (tenant) ID
- Create a client secret in Certificates & secrets
Required Permissions
Microsoft Graph API Permissions
- • User.Read.All: Read all users' profiles
- • Group.Read.All: Read all groups
- • Directory.Read.All: Read directory data
- • Organization.Read.All: Read organization information
Admin Consent Required
These permissions require admin consent. Click "Grant admin consent" in the Azure portal after adding permissions.
Synchronization Features
Advanced sync capabilities with Azure AD
User Synchronization
- • Real-time user updates
- • Profile photo synchronization
- • Manager hierarchy mapping
- • Custom attribute support
Group Management
- • Security group mapping
- • Distribution list sync
- • Dynamic group support
- • Nested group handling
Automation and Scheduling
Set up automated synchronization to keep your user data current without manual intervention.
Sync Scheduling
Configure automatic synchronization intervals
Sync Frequency Options
- • Real-time: Immediate updates (Azure AD only)
- • Hourly: Every hour during business hours
- • Daily: Once per day at specified time
- • Weekly: Weekly synchronization
- • Manual: On-demand sync only
Sync Scope
- • Full Sync: All users and groups
- • Incremental: Only changed objects
- • Filtered: Specific OUs or groups
- • Selective: Custom LDAP filters
Recommended Settings
For most organizations, daily incremental sync during off-hours provides the best balance of currency and performance.
Sync Monitoring
Monitor and troubleshoot synchronization processes
Sync Status Dashboard
- • Last sync timestamp and duration
- • Number of users added, updated, disabled
- • Sync errors and warnings
- • Connection health status
Notifications
- • Sync failure alerts
- • Large change notifications
- • Connection issue warnings
- • Weekly sync summary reports