This article contains frequently asked questions about the Active Directory Synchronization feature.
When Does Active Directory Synchronization Run?
Active Directory synchronization runs every five hours, starting at 8am, with the last synchronization starting 11pm. These times are based on the local time of the server where the Mimecast Synchronization Engine is installed.
How are Disabled Users Identified?
Mimecast uses the userAccountControl Active Directory attribute to calculate the status of a user.
What Happens if I Delete a User in Active Directory?
Users deleted from the company directory aren't removed from Mimecast on the synchronization after the user was deleted. However they are switched from a Directory Generated user to a standard Mail Flow user. This has an effect on mail flow for the user if recipient validation is configured for known LDAP users only.
What Happens if I Delete a Group in Active Directory?
Groups deleted from Active Directory are removed from Mimecast on the synchronization after the group was deleted, unless the group is being used in a policy or definition.
What Active Directory Attributes are Synchronized with Mimecast?
See the Active Directory Synchronization Attributes page for full details of the attributes synchronized by default. You must have a Mimecaster Central logon to access this page.