Skip to main content
Welcome to Virtru's support portal. As we work to make this page more accessible to screen readers, please contact us at support@virtru.com for technical support.

Managing Users and Admins for an Azure Synced Domain (Users & Groups Page)

Steven Margolies
  • Updated

About

As the administrator of a synced Azure Active Directory (AD) Virtru team, you can use the Virtru Control Center's Users & Groups page to view all synced users, Organizational Units (OUs), and groups from your organization.

To learn more about how to leverage the Virtru Control Center, we recommend our Virtru Control Center Playbook for Administrators

Please Note: The Users & Groups page is slightly different depending on your account configuration. This article covers Azure synced domains.

If your team has performed an On-Prem Active Directory sync with Virtru, please go here: Managing Users for an On-Prem AD Synced Domain (Users & Groups Page)

If your team has performed a Google Workspace sync with Virtru, please go here: Managing Users and Admins for a Google Workspace Synced Domain (Users & Groups Page)

If your team has not synced with Virtru, please go here: Managing Users and Admins (Users Page)


Jump to:
Users Tab

-Adding and Removing Users (Refreshing a Sync from the Users Tab)
-Searching Users
-Filtering Users
-Sorting Users
-Exporting a List of Users
-Viewing and Managing User Permissions

Groups Tab
 -Searching Groups
-Refreshing a Sync from the Groups Tab
-Viewing and Managing Group Permissions

Users Tab

The Users tab displays the primary email address of all users in your Azure AD (per the last sync). You will also see whether users have activated a plugin and their Admin Roles. The page includes options to search, filter, and sort users, as well as the ability to manage administrative privileges. 

Users & Groups page Users tab

 

Adding and Removing Users (Refreshing a Sync from the Users Tab)

As a synced organization, all users from Azure have been pulled into Virtru, including users who may not receive a Virtru license. Within the Virtru Control Center, you will not be able to manually add or remove users. The user list will update with each sync refresh (details below).

If you have more users in Azure than Virtru licenses, then you will need to create a Virtru provisioning group for license management. Even with this provisioning group, the Control Center will not be a direct reflection of license consumption. If a user is marked "Activated", this just means that they activated a Virtru plugin at some point in the past. Non-licensed (non-provisioned) users can still activate plugins for read-only access and will appear as "Activated".

Above the list of users, you will find your last sync date and time. If you wish to update your user list and pull in changes from your Workspace, simply select the Refresh Now option:

Sync data and Refresh Now button

Note

Any changes to your Azure AD after the listed sync date will not be recognized by Virtru. To pull in these changes, please remember to refresh the sync. This includes changes to users, aliases, or groups, etc.

 

Searching Users

Using the Search bar at the top of the page, you can search users by email address, alias, or group address (using all lowercase):

Users tab Search bar

Search syntax can be found here: Searching for users in the Virtru Control Center 

 

Filtering Users

Using the left drop-down, admins can filter users by Activation status or Super Admin status:

User type filter drop-down

  • Non-Activated users are users who have never activated a Virtru plugin with their primary address.
  • Activated users are users who have activated a Virtru plugin with their primary account at any point in time.
  • Super Admins are users with full admin privileges. By default, Virtru Super Admins mirror your Azure Admins (as of your latest sync).

 

Using the right drop-down, admins can filter users by their OUs or Groups:

OUs and Groups filter drop-down

 

Multiple OUs can be viewed at once:

Selecting OUs to filter

 

Multiple Groups can be viewed at once:

Selecting groups to filter

Note

OUs and Groups cannot be filtered at the same time.

 

Sorting Users

By default, the page will display the first 20 users on your team alphabetically. If you have more than 20 users, you can navigate to various pages using the arrows on the right side of the page:

Page navigation arrows

 

Using the column titles, admins can also sort users by Email Address, Activation status, and Admin Role:

Sorting headers

 

Exporting a List of Users

To view a .csv of all users in the Control Center, admins can use the Export All Users button in the top right corner:

Export All Users button

This .csv will include the following:

  • All user email addresses
  • User activation statuses
  • User admin roles
  • A count of all users in the Control Center
  • A count of activated users
  • A count of unactivated users 

 

Viewing and Managing User Permissions

To view a user's administrative privileges, simply click on the user's email address. This will display their current status and privileges, and for applicable users, allow you to manage specific permissions. By default, Virtru mirrors Azure admins when assigning Virtru Super Administrator status. Virtru Super Administrators will have full Administrative Privileges:

Display Privledges

Non-Azure admins will not be Virtru Super Admins but can still receive some Administrative Privileges over specific OUs and/or Groups.

Privledges

To assign these privileges, click Add OU or Group, select one of the two from the drop-down, select one or more in that category, and click Add:

Add OU or Group

If a user is a member of a group that has been granted administrative privileges, they will inherit the privilege(s). Inherited privileges will be locked on the user's privilege menu with an indication of the source:

Inherited permissions

 

Groups Tab

The Groups tab displays all group distribution addresses pulled in during the most recent sync. The page includes options to search and sort group addresses, as well as the ability to manage administrative privileges for all users in a specific group.

Users & Groups page Groups tab

 

Searching Groups

Using the Search bar at the top of the page, you can search for specific group addresses (using all lowercase):

Groups tab Search bar

 

Refreshing a Sync from the Groups Tab

Above the list of groups, you will find your last sync date and time, as well as the option to Refresh Now:

Sync data and Refresh Now button

Note

Any changes to your Azure AD after that sync date will not be recognized by Virtru. Please remember to refresh the sync after making any changes in Azure that may affect Virtru (new users, new aliases, new groups, etc.).

 

Viewing and Managing Group Permissions

In addition to setting administrative privileges to individual users, Virtru admins can apply privileges to entire group addresses which will be inherited by all members of that group (as defined in your Azure AD per the most recent sync). To assign these privileges, click on the group email address of a group you wish to modify and select the permissions you wish to grant:

Group permissions

Groups of users can also be granted administrative privileges over specific OUs and/or Groups. To do so, click Add OU or Group, select one of the two, select one or more in that category, and click Add:

Group and OU permissions

Inherited privileges will be locked on the user's privilege menu with an indication of the source:

inherited permissions

Related articles