U of I Box, Active Directory Group Sync

What is Box Active Directory Group Sync? How can I request my Active Directory group be synchronized to U of I Box?

If your unit or team already users Active Directory (AD) groups to manage access to IT resources, you can now synchronize your AD groups' membership to Box. When members are added to or removed from an AD group, they will also be added or removed from an associated Box group. Nested AD groups are supported.

With Box Groups, you can add multiple users to content stored in Box quickly and easily.  When a user is added to the group, they gain access to content the group already has permissions to.  When a user is removed from the group, they will lose access to content shared with that group.

Box Groups are added as collaborators to files and folders, just like an individual user.  All members of that group will have the permissions granted to the group. See Inviting Collaborators and Understanding Collaborator Permission Levels for more details.

Requesting Group Synchronization

We require a few pieces of information to get started synchronizing your AD group to Box. Please send the following information to consult@illinois.edu:
  1. The full distinguished name of the Active Directory group (example: CN=Project Team,CN=admin,DC=corp,DC=Fabrikam,DC=COM)
  2. A requested display name for the group in Box.  This should be specific and include a reference to your unit or department.

Frequently Asked Questions

Who can invite my Box Group to collaborate? Can someone outside the group invite the group?
Box Groups are only visible to members of the group by default. They can be made visible to all members of our U of I Box domain by request.

Personal accounts and accounts outside our enterprise cannot invite groups to collaborate.

My team members are not all included in the Box group. Why is that?
Box Groups can only contain members of our U of I Box enterprise.  Please have them verify their account type is Enterprise in Account Settings. Contact consult@illinois.edu to join the enterprise.

How often does the synchronization process run?
The synchronization process runs on the hour. The frequency may be changed in the future if needed.

Are nested AD groups supported?
Yes, our process reads the membership of nested AD groups.

Will group members receive email notification when the group is added to content?
No, group invitations do not trigger email notifications. The user will be notified of new collaborations on their next visit to Box Web.




Keywords:UofI Box Active Directory AD permissions groups   Doc ID:48071
Owner:Isaac G.Group:University of Illinois Technology Services
Created:2015-03-03 14:22 CSTUpdated:2019-01-25 14:32 CST
Sites:University of Illinois Technology Services
Feedback:  1   0