Integrating with an existing directory service enables you to pull in users automatically. It eliminates the need of having to add users manually to the AirWatch Console. For more information, see Basic vs. Directory Services Enrollment.

Every directory user you want to manage through AirWatch Mobile Device Management (MDM) must have a corresponding user account in the AirWatch Console.

You can directly add your existing directory services users to AirWatch using one of the following methods.

  • Batch upload a file containing all your directory services users. The act of batch importing automatically creates a user account.
  • Create an AirWatch user accounts one at a time by entering the directory user name and selecting Check User to auto-populate remaining details.
  • Do not import in bulk nor manually create user accounts and instead allow all directory users to self-enroll at enrollment time.

Pros

  • End users authenticate with existing corporate credentials.
  • Can automatically detect and sync changes from the directory system into AirWatch.
  • Secure method of integrating with your existing directory service.
  • Standard integration practice.
  • Can be used for Workspace ONE Direct Enrollment.
  • SaaS deployments using the VMware Enterprise Systems Connector require no firewall changes and offers a secure configuration to other infrastructures, such as Microsoft ADCS, SCEP, and SMTP servers.

Cons

  • Requires an existing directory service infrastructure.
  • SaaS deployments require additional configuration due to the VMware Enterprise Systems Connector being installed behind the firewall or in a DMZ.