as many others we have to switch to Sophos Mobile in Sophos Central. We want to synchronise our Active directory users to Sophos Mobile but we do not want to use LDAP for this (for security reasons).
We found the Sophos Central AD Sync Utility. Is it possible to sync our users with the utility and use the synced users in Sophos Central Mobile?
Just asking because in the Sophos Central Mobile documentation the LDAP Sync seems to be the only way to do this.
Another option would be to use the self service portal and simply let our users register there...
Thank you for reaching out to the Sophos Community.
The Sophos Central AD Sync Utility will be the correct one to use in this situation. The users that are synchronized into Sophos Central, will be usable in the Sophos Mobile section as well.
I recommend ensuring that the users you import will have e-mail addresses associated to their accounts, as this is necessary for Android Enterprise enrollments, this also makes the process of defining email account policies much easier.
thank you for your fast answer! A colleague has an additional question: Would the sync be also possible from an Azure Active Directory?
The users in our AAD do not contain all the data of the users from our local AD. Besides the correct mail-address is there other data which is required so all Central-features will work then?
Are there differences between synced accounts from a local AD and an AAD?
It’s possible to Sync from Azure AD to Sophos Central as well. There’s no significant difference between the two in terms of the information that will be imported into Sophos Central.
If you have any further questions stemming from this, you are welcome to reach back out on this thread.