Configure onboarding and offboarding
Onboarding allows you to automatically add user accounts to
BlackBerry Gatewaybased on user membership in a company directory group. Directory groups and user accounts are added to
Gatewayduring the synchronization process.
If you enable onboarding, you can also choose to configure offboarding. When a user is disabled in the directory or removed from all company directory groups in the onboarding directory groups,
Gatewaydeletes the user account and stops allowing network connections from the user's devices.
You can use offboarding protection to delay the deletion of user accounts to avoid unexpected deletions because of directory replication latency. Offboarding protection delays offboarding actions for two hours after the next synchronization cycle.
- On the menu bar, clickGateway > Settings.
- UnderDirectory Connection, click the directory connection that you want to configure onboarding for.
- On theSync settingstab, selectDirectory onboarding.
- In theSyncfield, type the maximum number of changes you want to allow for each synchronization process.By default, there is no limit. If the number of changes to be synchronized exceeds the limit you set, the synchronization process stops. Changes include users added to groups, users removed from groups, users to be onboarded, and users to be offboarded.
- In theNesting levelfield, type the number of nested levels to synchronize for company directory groups. By default, there is no limit.
- To force the synchronization of directory groups, selectForce synchronization.If this option is selected, when a group is removed from your company directory, the links to that group are removed from onboarding directory groups and directory-linked groups. If not selected, if a company directory group is not found, the synchronization process is canceled.
- To delete a user account fromGatewaywhen a user is removed from all linked groups in the directory, selectDelete user when the user is removed from all onboarding directory groups. The first time that a synchronization cycle occurs after a user account is removed from all linked directory groups, the user account is deleted fromGateway.
- To prevent user accounts or device data from being deleted fromGatewayunexpectedly, selectOffboarding protection.Offboarding protection means that users will not be deleted fromGatewayuntil two hours after the next synchronization cycle.