OpenLM - OneDirectorySync

One single source of truth. Unlimited sync destinations.

Manage and protect your organization’s resources from one centralized hub. Sync changes from your main directory to unlimited cloud destinations.

What is OneDirectorySync?

The typical organization has its user data spread over multiple directories, devices, and services (such as SaaS). Managing all these resources can be a hassle, especially when changes occur in one directory that has to be synced with others (e.g. employee off-boarding). OneDirectorySync solves this problem by using your main organizational directory as a single source of truth while propagating the changes to any cloud destinations you have. Manage only one directory. We will do the rest.

Eliminate workspace security hazard

Automatically clean stale accounts out of your directories. Synchronize the changes made in the primary directory with any number of SaaS, IaaS or PaaS services such as Google Analytics, Firebase, Azure AD, GitLab, Salesforce, GitHub, Frontegg, Cloudflare, AWS Directory, Buddy, Odoo, Jira, and more.

Simplify Directory Management

With OneDirectorySync, you only need to worry about your organization’s primary directory. All your cloud directories and services will be automatically synced afterwards (or in the case of target directories which do not support account features such as removal – administrators are notified through email).

One Central Hub

OneDirectorySync is more than just synchronization as a service: it is the central cloud management tool that connects your primary directory to all cloud services used by your organization, such as Google Analytics, Azure AD, Gitlab, Salesforce, Frontegg, Cloudflare, and many more.

Take the first step towards hassle-free directory management with OneDirectorySync. Try it for free, today!


Secure Off-boarding

OneDirectorySync simplifies user off-boarding by acting as the central hub connecting all the resources of your digital workspace with your primary directory. If a user is removed from your primary directory – Active Directory, ApacheDS, Google Workspace, etc. – OneDirectorySync will automatically remove the account from all corporate applications, network appliances, routers, and VPNs.


Choose Your Automation

OneDirectorySync gives you the option of automated removal/disabling of an account or to receive a notification instead. System admins are then notified that the user is no longer with the company and that the account should be disabled.


Grows With You

OneDirectorySync is the industry's most scalable directory connector that helps you centralize resources and sync them securely from one place, as needed. Let OneDirectorySync save you the hassle of synchronizing your organization’s central identity directory with any number of external platforms.

How it works !

OneDirectorySync is a central hub that connects an organization’s cloud applications and digital workspace resources to a cloud-based synchronization service. To do that, OneDirectorySync uses two components: Directory Synchronization Service (DSS) and Directory Synchronization Agent (DSA).


DSA is the local component, which the IT administrator needs to download and install on the local network. This component reads the data from LDAP directories.


DSS is the cloud service the DSA connects to. DSS has a Web-based interface for setting synchronization rules.


OneDirectorySync receives data from DSS running in the background and then synchronizes the data with cloud applications or connected corporate resources.


So, when a user account is removed from the primary directory (e.g. the main local Active Directory), OneDirectorySync reads the change and sends it further to all the connected cloud applications.



Per user, per month billed annually

Synchronization offers multiple benefits:

OneDirectorySync is synchronization as a service that removes the user from all connected cloud application if the user was deleted from the organization’s primary directory.

To sync the organization’s Active Directory with OneDirectorySync you need to download a tiny piece of software called a DSA (Directory Synchronization Agent) and install it on your local network. You will also need to activate OneDirectorySync in the OpenLM Cloud Portal. The main directory configuration is done in DSS, the cloud service DSA connects to. DSA will fetch the data and save it in the ODS database in the cloud. 


When user data is synced in two directions, this means the service supports the mirroring of two data sources regardless of which one is changed. All newly available or modified data in the destination will be synchronized to the primary source and vice versa for all newly added or modified data in the primary source.

No. OneDirectorySync supports only one-way synchronization: from the organization’s directory to the external platform’s database. Any user changes made to the Active Directory – for example – will be reflected in the connected cloud applications’ database, but the user removal from a cloud application is not reflected in the central identity access management database, such as Active Directory. 

One-way directory synchronization comes with the benefit of managing only one primary directory, which will serve as a single source of truth for all online services/accounts in the organization’s portfolio. 

Any changes made in the primary directory – for example, Active Directory, Azure AD, etc. – are automatically mirrored in the connected SaaS services such as Google Analytics, Jira, etc. The schedule of the synchronization process can be customized.  

You need to manage only the primary directory and connect the rest of the SaaS accounts/services to the hub we call OneDirectorySync. If an employee leaves the company, you don’t need to manually remove the account from all SaaS services. Just remove the user data from the organization’s primary directory, and ODS will do the rest: it will delete the account from all connected SaaS services. 

Skip to content