Workspace ONE Access supports syncing users that are migrated from one Active Directory domain to another without requiring any additional configuration. This feature is supported with Workspace ONE Access connector version 20.01 and later.

Follow these guidelines:

  • If a user is migrated from one domain to another domain within the same Workspace ONE Access Integrated Windows Authentication (IWA) directory, Workspace ONE Access automatically syncs the user to the correct domain during the next sync.
  • If a user is migrated from one domain to another domain within the same Workspace ONE Access Global Catalog directory, Workspace ONE Access automatically syncs the user to the correct domain during the next sync.
  • If a user is migrated from a domain in one Workspace ONE Access directory to a domain in another Workspace ONE Access directory, perform the following steps:
    1. After migrating the user in Active Directory, go to the Workspace ONE Access console and sync the source directory (the directory to which the user originally belonged).

      The migrated user is deleted from the Workspace ONE Access directory during the sync.

    2. Sync the target directory (the directory to which the user was migrated).

      The migrated user is synced to the Workspace ONE Access directory.

    Note: If you sync the target directory before the source directory, the migrated user is not added to the target directory in Workspace ONE Access and an alert appears in the directory’s Sync Log page. To resolve the issue, sync the source directory, then sync the target directory again.