Supported and unsupported scenarios for migration
The following existing configurations are supported for migration.
Scenario 1 – Condeco customers with Forms users created by Condeco.
- Choose Forms as the user type.
- Push existing users as new users via the SCIM “CreateUser“ endpoint. When done, only SCIM can sync/map the user internally.
Existing Forms users are not available automatically via SCIM until they are pushed as new users as per the SCIM standard.
When complete the users are available via the SCIM API to perform actions such as get, update, delete, etc.
Scenario 2 – Condeco customers using SSO and the user source is Azure AD
- Choose SSO as the user type.
Existing AD users are not available automatically via SCIM until the customer performs the steps below.
- Configure the SCIM application in Azure AD by following the “Admin Guide”, and start user provisioning.
- When the initial sync is complete, all Azure AD users are synced/mapped internally with SCIM.
The Condeco user record now synchronizes automatically with the Azure AD user record.
Scenario 3 – Condeco customers using SSO and the user source is Azure AD – users have registered for Condeco via the Condeco Self Registration page.
For SSO users, each user account must have the associated Azure AD GUID stored in the Condeco user record. However, users who registered for Condeco via the Self Registration page, do not have the Azure AD GUID stored.
- Update your Condeco users with the related Azure AD GUID.
- When the GUIDs are stored in Condeco, refer to Scenario 2.
Scenario 4 – Condeco customers using SSO and the user source is a hybrid Azure AD environment.
Condeco has tested and verified the following scenario for a hybrid on-premises/Azure AD environment.
- First, synchronize user data from the on-premises AD to Azure AD using Azure AD Connect.
Passwords and password settings:
a) Ensure user passwords are synchronized from on-premises AD to Azure AD, otherwise the user login from Condeco will fail.
b) The User must change password at next logon setting in the user’s AD profile must be unchecked when synchronizing from on-premises AD to Azure AD.
- Then synchronize user data from Azure AD to Condeco via the SCIM application.
The following scenarios are not supported for migration.
Not supported – Scenario 5 – Condeco customers using SSO and the user source is HR feed (on-premises Active Directory)
Hosted AD does not support SCIM.