CloudPortal Services Manager AD Sync Services synchronize customer OUs in the hosted domain controller with user changes in the external domain controllers. The service enables users to connect to hosted services with the same credentials they use for their local domain.
The AD Sync service requires no installation on the hosted environment and uses the CloudPortal Services Manager API to perform the synchronization. An AD Sync client installed on each external domain controller communicates with the API. This interface is a one-way connection that can be customized to synchronize specific Active Directory information.
API requests are encrypted using a combination of a public/private key and a symmetric key (RSA and AES) to securely transfer data and credentials. The data in the request is also hashed (SHA1) to prevent unauthorized changes.
The following diagram shows a typical installation scenario.