Release Documentation (#653)

* Stage (#636) * Initial Draft. To do: "How it Works" + Event Logs, User Types, Plans & Pricing, Release Notes. * whoops, missed one * Merge latest into working (#616) * Update proof-of-concept.md (#607) The "Download Bitwarden" link was going to the Apple Store (https://get.bitwarden.com/) rather than the "Downloads" page (https://bitwarden.com/download/). * Update proof-of-concept.md (#610) * Create enterprise-feature-list.md (#611) * Azure SSO HiFi Documentation (#584) * azure HiFi documentation * finalize azure * typo fixes * Google Workspace HiFi SSO Documentation (#605) * Duo HiFi documentation (#598) * Buncha Stuff (#612) * clarification on where to find legacy mac .dmg * tip for update email address * code vetting security faq * /managing-items/ refactor * two-step login 'remember me' duration * small updates, including denoting purpose of the globe icon * additional tip for deleting users in a self-host org! * uri component pieces * encryption key edit * importing cleanup * notes re: importing on file attachements * Removes custom Safari shortcut docs (#499) Bitwarden 1.25.0 on MacOS with Safari seems to use the standard MacOS shortcut for autofill (`Cmd + Shift + L`) and the custom Safari shortcuts no longer work (`Cmd + \ or Cmd + 8 or Cmd + Shift + P`). * Update Microsoft Store Installation path (#614) * Correct path for Microsoft Store app (#615) Co-authored-by: Andrea Lebron <78605241+alebr-on@users.noreply.github.com> Co-authored-by: baylorrandolph <70168800+baylorrandolph@users.noreply.github.com> Co-authored-by: Charles Renwick <crenwick@users.noreply.github.com> Co-authored-by: Alex <abanay@bitwarden.com> * mpwr event logging * mpwr user permissions * admin pw reset 2nd draft * final(ish) draft * password reprompt * initial bwdc updates (to do: update cli login procedure) * update personal api key article to better distingush from org api key * refactors bwdc desktop app article * clearer instructions for getting api key * bwdc cli login scheme * Bulk Org User Actions * export event logs * cli get notes * send cli --maxAccessCount * autofill on page load enhancements * onpageload TOTP copy * release notes & typo Co-authored-by: Andrea Lebron <78605241+alebr-on@users.noreply.github.com> Co-authored-by: baylorrandolph <70168800+baylorrandolph@users.noreply.github.com> Co-authored-by: Charles Renwick <crenwick@users.noreply.github.com> Co-authored-by: Alex <abanay@bitwarden.com> * typo fix * fix * fix * fix * mpwr final * mpw reprompt - better gif * finalize event logs * fixes to autofill o.p.l. & better screenshot * directory connector large sync * reorder rn * edits from cscharf * fix date * mp re-prompt warning * mobile re-prompt notes * downcase it * semi-vague timeline tweak Co-authored-by: Andrea Lebron <78605241+alebr-on@users.noreply.github.com> Co-authored-by: baylorrandolph <70168800+baylorrandolph@users.noreply.github.com> Co-authored-by: Charles Renwick <crenwick@users.noreply.github.com> Co-authored-by: Alex <abanay@bitwarden.com>
2025-12-10 13:23:16 +00:00 · 2021-06-28 13:39:33 -04:00
parent 8249a78f54
commit 9be8c67fa8
38 changed files with 384 additions and 165 deletions
--- a/_articles/directory-connector/azure-active-directory.md
+++ b/_articles/directory-connector/azure-active-directory.md
@@ -92,6 +92,7 @@ Complete the following steps to configure the settings used when syncing using D
 |Interval|Time between automatic sync checks (in minutes).|
 |Remove disabled users during sync|Check this box to remove users from the Bitwarden Organization that have been disabled in your directory.|
 |Overwrite existing organization users based on current sync settings|Check this box to always perform a full sync and remove any users from the Bitwarden Organization if they are not in the synced user set.|
+|More than 2000 users or groups are expected to sync.|Check this box if you expect to sync 2000+ users or groups. If you don't check this box, Directory Connector will limit a sync at 2000 users or groups.|
 |Sync users|Check this box to sync users to your Organization.<br><br>Checking this box will allow you to specify **User Filters**.|
 |User Filter|See [Specify Sync Filters](#specify-sync-filters).|
 |Sync Groups|Check this box to sync groups to your Organization. Checking this box will allow you to specify **Group Filters**.|
--- a/_articles/directory-connector/directory-sync-cli.md
+++ b/_articles/directory-connector/directory-sync-cli.md
@@ -12,7 +12,7 @@ The Directory Connector CLI is suited toward work in environments where a deskto

 ## Getting Started

-Complete the following steps to get started with the Bitwarden Directory Connector CLI:
+To get started using the Bitwarden Directory Connector CLI:

 1. Download the CLI from one of the following links:
   - [{% icon fa-windows %} Windows CLI](https://vault.bitwarden.com/download/?app=connector&platform=windows&variant=cli-zip)
@@ -48,28 +48,32 @@ Complete the following steps to get started with the Bitwarden Directory Connect

 ### login

-Use the `login` command to login to Directory Connector with your Bitwarden Account. You must be an Admin or Owner for your Organization to use Directory Connector (for more information, see [User Types and Access Controls]({% link _articles/organizations/user-types-access-control.md %})).
-```
-bwdc login [options] [email] [password]
-```
+Use the `login` command to login to Directory Connector with your [Organization API Key]({{site.baseurl}}/article/public-api/#authentication).  If you don't have the API Key, reach out to an [Organization Owner]({{site.baseurl}}/article/user-types-access-control/). There are a few ways to use the `login` command:

-Options include:
- `--method`: Use this options to specify the [Two-step Login method]({% link _articles/two-step-login/setup-two-step-login.md %}) to use.
-   - `0` = Authenticator App
-   - `1` = Email
-   - `3` =  YubiKey
- `--code`: Use this option to specify the [Two-step Login]({% link _articles/two-step-login/setup-two-step-login.md %}) code for the specified `method`.
- `--sso`: Use this option to [Login with SSO]({% link _articles/login-with-sso/about-sso.md %}). Selecting this option will open the SSO Login Flow in your Web Browser. For more information, see [Access your Vault Using SSO]({% link _articles/login-with-sso/sso-access-your-vault.md %}).
+- By itself:

-For example:
+  ```
+  bwdc login
+  ```

-{% callout warning %}
-Contrary to the following example, it's generally not recommended to enter your password inline, as this will save it to the history of the shell. Leaving the password out of the initial command will cause Bitwarden to prompt for it, which will not save it.
-{% endcallout %}
+  Passing `bwdc login` by itself will prompt you to subsequently enter `client_id` and `client_secret`.
+- With parameters:

-```
-bwdc login bwuser@gmail.com mystrongpassword --method 0 --code 204678
-```
+  ```
+  bwdc login organization.b5351047-89b6-820f-ad21016b6222 yUMB4trbqV1bavhEHGqbuGpz4AlHm9
+  ```
+- With saved environment variables:
+
+  ```
+  BW_CLIENTID="organization.b5351047-89b6-820f-ad21016b6222"
+  BW_CLIENTSECRET="yUMB4trbqV1bavhEHGqbuGpz4AlHm9"
+
+  bwdc login
+  ```
+
+  Saving the environment variables `BW_CLIENTID` and `BW_CLIENTSECRET` allows you to login to Directory Connector using only `bwdc login`, which will check for those variables and use them if present.
+
+  If these environment variables aren't present, you will be prompted to enter your `client_id` and `client_secret`.

 ### logout

@@ -135,7 +139,9 @@ Options include:
 - `okta.token <token>`
 - `onelogin.secret <secret>`

+{% callout success %}
 `ldap.password`, `azure.key`, `gsuite.key`, `okta.token`, and `onelogin.secret` can **only** be modified from the CLI using `bwdc config`, or from the [Desktop Application]({% link _articles/directory-connector/directory-sync-desktop.md %}).
+{% endcallout %}

 ### data-file

--- a/_articles/directory-connector/directory-sync-desktop.md
+++ b/_articles/directory-connector/directory-sync-desktop.md
@@ -8,53 +8,30 @@ tags: []
 order: 02
 ---

-Download the latest version of the Directory Connector Desktop App from our [GitHub releases page](https://github.com/bitwarden/directory-connector/releases){:target="_blank"} or by using one of the following official links:
+The Directory Connector Desktop App is a standalone desktop application that can be used to sync users, groups, and group associations from a selection of directory services.

- [{% icon fa-windows %} Windows Installer (.exe)](https://vault.bitwarden.com/download/?app=connector&platform=windows)
- [{% icon fa-windows %} Windows Portable (.exe)](https://vault.bitwarden.com/download/?app=connector&platform=windows&variant=portable)
- [{% icon fa-apple %} macOS (.dmg)](https://vault.bitwarden.com/download/?app=connector&platform=macos)
- [{% icon fa-linux %} Linux (.AppImage)](https://vault.bitwarden.com/download/?app=connector&platform=linux)
+{% image directory-connector/app.png Directory Connector Desktop App %}

-## Setup
+Directory Connector is also available as a [CLI Tool]({{site.baseurl}}/article/directory-sync-cli). The Desktop App and CLI [share a database and configurations]({% link _articles/directory-connector/directory-sync-shared.md %}), so you may choose to use both, however simultaneous use is not recommended.

-Directory Connector configuration will vary based on the directory type in use. Use one of the following articles for instruction:
+## Getting Started

- [Sync with Active Directory or LDAP]({% link _articles/directory-connector/ldap-directory.md %})
- [Sync with Azure Active Directory]({% link _articles/directory-connector/azure-active-directory.md %})
- [Sync with G Suite (Google)]({% link _articles/directory-connector/gsuite-directory.md %})
- [Sync with Okta]({% link _articles/directory-connector/okta-directory.md %})
- [Sync with OneLogin]({% link _articles/directory-connector/onelogin-directory.md %})
+To get started using the Directory Connector Desktop App:

-{% callout info %}
-**If you're using a self-hosted version of Bitwarden**, you must change the Server URL used by the Directory Connector application:
+1. Download the latest version of the app from our [GitHub releases page](https://github.com/bitwarden/directory-connector/releases){:target="_blank"} or by using one of the following official links:

-1. Log out of Directory Connector.
-2. On the Login screen, select the **Settings** button.
-3. In the **Server URL** field, enter the domain name for your self-hosted instance with `https://`. For example, `https://bitwarden.example.com`.
-4. Select the **Save** button.
-{% endcallout %}
+   - [{% icon fa-windows %} Windows Installer (.exe)](https://vault.bitwarden.com/download/?app=connector&platform=windows)
+   - [{% icon fa-windows %} Windows Portable (.exe)](https://vault.bitwarden.com/download/?app=connector&platform=windows&variant=portable)
+   - [{% icon fa-apple %} macOS (.dmg)](https://vault.bitwarden.com/download/?app=connector&platform=macos)
+   - [{% icon fa-linux %} Linux (.AppImage)](https://vault.bitwarden.com/download/?app=connector&platform=linux)

-## Using Directory Connector
+2. **If you're using a self-hosted version of Bitwarden**, change the Server URL used by Directory Connector before logging in:

-The following sections will walk you through typical actions taken with the Desktop App.
-
-In all cases, log in with a Bitwarden user account that is an Admin or Owner for the relevant Organization(s). For more information, see [User Types and Access Control]({% link _articles/organizations/user-types-access-control.md %}).
-
-### Connect to a Bitwarden Organization
-
-Complete the following steps to specify which Bitwarden Organization to sync to:
-
-1. Open the Directory Connector application.
-2. Navigate to the **Settings** tab.
-3. In the **Account** section, select your Organization from the dropdown.
-
-### Configure Sync Options
-
-Complete the following steps to configure options for your sync:
-
-1. Open the Directory Connector application.
-2. Navigate to the **Settings** tab.
-3. In the **Sync** section, configure the available options as desired. Available **Sync Options** depend on the directory type in use, so refer to one of the following articles for a list of options available to you:
+   1. On the Login screen, select **Settings**.
+   2. In the **Server URL** field, enter the domain name for your self-hosted instance with `https://`. For example, `https://your.domain.bitwarden.com`.
+   3. Select **Save**.
+3. Log in to Directory Connector using your [Organization API Key]({{site.baseurl}}/article/public-api/#authentication). If you don't have the API Key, reach out to an [Organization Owner]({{site.baseurl}}/article/user-types-access-control/).
+4. On the {% icon fa-cogs %} **Settings** tab, connect to your directory and configure [sync options]({{site.baseurl}}/article/user-group-filters/). This procedure will vary based on the directory in use, so refer to one of the following articles for instruction:

   - [Sync with Active Directory or LDAP]({% link _articles/directory-connector/ldap-directory.md %})
   - [Sync with Azure Active Directory]({% link _articles/directory-connector/azure-active-directory.md %})
@@ -62,36 +39,27 @@ Complete the following steps to configure options for your sync:
   - [Sync with Okta]({% link _articles/directory-connector/okta-directory.md %})
   - [Sync with OneLogin]({% link _articles/directory-connector/onelogin-directory.md %})

-{% callout success %}
-When you're finished configuring, navigate to the **More** tab and select the **Clear Sync Cache** button to prevent potential conflicts with prior sync operations. For more information, see [Clear Sync Cache]({% link _articles/directory-connector/clear-sync-cache.md %}).
-{% endcallout %}
+   {% callout success %}If you're re-configuring sync options, rather than setting them for the first time, navigate to the **More** tab and select the **Clear Sync Cache** button to prevent potential conflicts with prior sync operations ([learn more]({{site.baseurl}}/article/clear-sync-cache/)).{% endcallout %}
+5. On the {% icon fa-cogs %} **Settings** tab, select you Organization from the Organization dropdown.
+6. **Perform a Test Sync**. To check that your directory connection and sync options are successfully configured and working as expected:

-### Perform a Sync Test
+   1. Open the {% icon fa-dashboard %} **Dashboard** tab.
+   2. Select the **Test Now** button.

-Perform a sync test to check that all configured settings are in-place and working as expected. Sync tests will query the directory server and print the results to the Directory Connector **Dashboard**.
+Sync testing will query the directory server and print the results to the dashboard. If the printed results match your expectations, you're ready to [start syncing](#sync-with-directory-connector).

-1. Open the Directory Connector application.
-2. Navigate to the **Dashboard** tab.
-3. In the **Testing** section, select the **Test Now** button.
+## Sync with Directory Connector

-### Perform a Manual Sync
+Directory Connector can be used to run a one-time [manual sync](#manual-sync) or [automatic sync polling](#automatic-sync):

-Complete the following steps to run a one-time manual sync between your directory and your Bitwarden Organization:
+### Manual Sync

-1. Open the Directory Connector application.
-2. Navigate to the **Dashboard** tab.
-3. In the **Sync** section, select the the **Sync Now** button.
+To run a one-time manual sync from your directory to your Bitwarden Organization, open the {% icon fa-dashboard %} **Dashboard** tab and select the {% icon fa-refresh %} **Sync Now** button.

-Your synced users and groups will be immediately available in your Bitwarden Organization. Added users will receive an email invite to your Organization.
+Synced users will be invited to your Organization, and groups will be immediately created.

-### Start Automatic Sync
+### Automatic Sync

-Complete the following steps to start automatic sync polling with Directory Connector:
+Automatic syncing will poll your directory based on the **Interval** specified in your [sync options]({{site.baseurl}}/article/user-group-filters/) as long as the application is open. If you exit or close the application, automatic sync polling will stop.

-1. Open the Directory Connector application.
-2. Navigate to the **Dashboard** tab.
-3. In the **Sync** section, select the **Start Sync** button.
-
-Directory Connector will begin polling your directory based on the **Interval** specified in your **Sync Options**.
-
-If you exit or close the application, automatic sync will stop. To keep Directory Connector running in the background, minimize the application or hide it to the system tray.
+To start automatic sync polling with Directory Connector, open the {% icon fa-dashboard %} **Dashboard** tab and select the {% icon fa-play %} **Start Sync** button.
--- a/_articles/directory-connector/directory-sync.md
+++ b/_articles/directory-connector/directory-sync.md
@@ -12,10 +12,10 @@ order: 01

 The Bitwarden Directory Connector application syncs users and groups to a Bitwarden Organization from a selection of directory services. Directory Connector **will automatically provision and de-provision users, groups, and group associations** from the source directory.

-Directory Connector will issue invitations to synced users, however it will not automatically construct Bitwarden credentials based on any credentials stored in the source directory. Invited users will be required to follow the normal Organization onboarding procedure (see [Add or Remove Users](https://bitwarden.com/help/article/managing-users/#invited-users)) and log in with the created Bitwarden Master Password. 
+Directory Connector will issue invitations to synced users, however it will not automatically construct Bitwarden credentials based on any credentials stored in the source directory. Invited users will be required to follow the normal Organization [onboarding procedure]({{site.baseurl}}/article/managing-users/#onboard-users) and log in with the created Bitwarden Master Password.

 {% callout info %}
-Directory Connector functionality is available to **Teams** and **Enterprise** organizations. To use Directory Connector, you must be an Organization Admin or Owner (for more information, see [User Types and Access Control]({% link _articles/organizations/user-types-access-control.md %})).
+Directory Connector functionality is available to **Teams** and **Enterprise** Organizations. To use Directory Connector, you must have access to your [Organization API Key]({{site.baseurl}}/article/public-api/#authentication) which can only be retrieved by an [Organization Owner]({{site.baseurl}}/article/user-types-access-control/) and securely shared using [Bitwarden Send]({{site.baseurl}}/article/about-send/).
 {% endcallout %}

 {% image /directory-connector/dc-diagram.png %}
@@ -41,7 +41,20 @@ Directory Connector is available as a cross-platform [Desktop Application]({% li

 Use the following links to download Directory Connector:

-#### Download the Desktop App
+<ul class="nav nav-tabs" id="myTab" role="tablist">
+  <li class="nav-item" role="presentation">
+    <a class="nav-link active" id="desktab" data-bs-toggle="tab" data-target="#desk" role="tab" aria-controls="desk" aria-selected="true">Desktop App</a>
+  </li>
+  <li class="nav-item" role="presentation">
+    <a class="nav-link" id="clitab" data-bs-toggle="tab" data-target="#cli" role="tab" aria-controls="cli" aria-selected="false">CLI</a>
+  </li>
+</ul>
+
+<div class="tab-content" id="clientsContent">
+  <div class="tab-pane show active" id="desk" role="tabpanel" aria-labelledby="desktab">
+{% capture desktop %}
+
+#### Download Desktop App

 Download the latest version of the Directory Connector Desktop App from our [GitHub releases page](https://github.com/bitwarden/directory-connector/releases){:target="_blank"} or by using one of the following official links:

@@ -50,7 +63,13 @@ Download the latest version of the Directory Connector Desktop App from our [Git
 - [{% icon fa-apple %} macOS (.dmg)](https://vault.bitwarden.com/download/?app=connector&platform=macos)
 - [{% icon fa-linux %} Linux (.AppImage)](https://vault.bitwarden.com/download/?app=connector&platform=linux)

-#### Download the CLI Tool
+{% endcapture %}
+{{ desktop | markdownify }}
+  </div>
+  <div class="tab-pane" id="cli" role="tabpanel" aria-labelledby="clitab">
+{% capture commandline %}
+
+#### Download CLI Tool

 Download the latest version of the Directory Connector CLI from one of the following links:

@@ -58,6 +77,11 @@ Download the latest version of the Directory Connector CLI from one of the follo
 - [{% icon fa-apple %} macOS CLI](https://vault.bitwarden.com/download/?app=connector&platform=macos&variant=cli-zip)
 - [{% icon fa-linux %} Linux CLI](https://vault.bitwarden.com/download/?app=connector&platform=linux&variant=cli-zip)

+{% endcapture %}
+{{ commandline | markdownify }}
+  </div>
+</div>
+
 ## Source code

 As with everything at Bitwarden, the Directory Connector is open source and hosted on GitHub at [github.com/bitwarden/directory-connector](https://github.com/bitwarden/directory-connector).
--- a/_articles/directory-connector/gsuite-directory.md
+++ b/_articles/directory-connector/gsuite-directory.md
@@ -106,6 +106,7 @@ Complete the following steps to configure the setting used when syncing using Di
 |Interval|Time between automatic sync checks (in minutes).|
 |Remove disabled users during sync|Check this box to remove users from the Bitwarden Organization that have been disabled in your directory.|
 |Overwrite existing organization users based on current sync settings|Check this box to always perform a full sync and remove any users from the Bitwarden Organization if they are not in the synced user set.|
+|More than 2000 users or groups are expected to sync.|Check this box if you expect to sync 2000+ users or groups. If you don't check this box, Directory Connector will limit a sync at 2000 users or groups.|
 |Sync users|Check this box to sync users to your Organization.<br><br> Checking this box will allow you to specify a **User Filter**.|
 |User Filter|See [Specify Sync Filters](#specify-sync-filters).|
 |Sync groups|Check this box to sync groups to your Organization.<br><br>Checking this box will allow you to specify a **Group Filter**.|
--- a/_articles/directory-connector/ldap-directory.md
+++ b/_articles/directory-connector/ldap-directory.md
@@ -65,6 +65,7 @@ If you are using Active Directory, many of these settings are predetermined for
 |Interval|Time between automatic sync check (in minutes).|
 |Remove disabled users during sync|Check this box to remove users from the Bitwarden Organization that have been disabled in your Organization.|
 |Overwrite existing organization users based on current sync settings|Check this box to fully overwrite the user set on each sync, including removing users from your Organization when they're absent from the directory user set.<br><br>**If for any reason an empty sync is run when this options is enabled, Directory Connector will remove all users.** Always run a [Test Sync](#test-a-sync) prior to syncing after enabling this option.|
+|More than 2000 users or groups are expected to sync.|Check this box if you expect to sync 2000+ users or groups. If you don't check this box, Directory Connector will limit a sync at 2000 users or groups.|
 |Member Attribute|Name of the attribute used by the directory to define a group's membership (e.g. `uniqueMember`).|
 |Creation Data Attribute|Name of the attribute used by the directory to specify when an entry was created (e.g. `whenCreated`).|
 |Revision Date Attribute|Name of the attribute used by the directory to specify when an entry was last changed (e.g. `whenChanged`).|
--- a/_articles/directory-connector/okta-directory.md
+++ b/_articles/directory-connector/okta-directory.md
@@ -51,6 +51,7 @@ Complete the following steps to configure the settings used when syncing using D
 |Interval|Time between automatic sync checks (in minutes).|
 |Remove disabled users during sync|Check this box to remove users from the Bitwarden Organization that have been disabled in your directory.|
 |Overwrite existing organization users based on current sync settings|Check this box to always perform a full sync and remove any users from the Bitwarden Organization if they are not in the synced user set.|
+|More than 2000 users or groups are expected to sync.|Check this box if you expect to sync 2000+ users or groups. If you don't check this box, Directory Connector will limit a sync at 2000 users or groups.|
 |Sync users|Check this box to sync users to your Organization.<br><br>Checking this box will allow you to specify **User Filters**.|
 |User Filter|See [Specify Sync Filters](#specify-sync-filters).|
 |Sync Groups|Check this box to sync groups to your Organization.<br><br>Checking this box will allow you to specify **Group Filters**.|
--- a/_articles/directory-connector/onelogin-directory.md
+++ b/_articles/directory-connector/onelogin-directory.md
@@ -50,6 +50,7 @@ Complete the following steps to configure the settings used when syncing using D
 |Interval|Time between automatic sync checks (in minutes).|
 |Remove disabled users during sync|Check this box to remove users from the Bitwarden Organization that have been disabled in your directory.|
 |Overwrite existing organization users based on current sync settings|Check this box to always perform a full sync and remove any users from the Bitwarden Organization if they are not in the synced user set.<br><br>**Recommended for OneLogin directories.**|
+|More than 2000 users or groups are expected to sync.|Check this box if you expect to sync 2000+ users or groups. If you don't check this box, Directory Connector will limit a sync at 2000 users or groups.|
 |If a user has no email address, combine a username prefix with a suffix value to form an email|Check this box to form valid email options for users that do not have an email address. **Users without real or formed email addresses will be skipped by Directory Connector.**<br><br>Formed Email = `username` + **Email Suffix**|
 |Email Suffix|A string (`@example.com`) used to create a suffix for formed email addresses.|
 |Sync users|Check this box to sync users to your Organization.<br><br>Checking this box will allow you to specify **User Filters**.|
--- a/_articles/directory-connector/user-group-filters.md
+++ b/_articles/directory-connector/user-group-filters.md
@@ -22,3 +22,24 @@ Available Sync Options and Filter syntaxes are different for each directory serv
 {% callout success%}
 If you're using the Directory Connector CLI, see [Directory Connector File Storage]({% link _articles/directory-connector/directory-sync-shared.md %}) for help editing your `data.json` configuration file.
 {% endcallout %}
+
+## Large Syncs
+
+Regardless of which directory you're syncing from, enable the **More than 2000 users or groups are expected to sync.** option to signal to Directory Connector that you're expecting a large number of users or groups:
+
+{% image directory-connector/largesync.png Signal a Large Sync%}
+
+You may also enable this option directly in the Directory Connector [configuration file]({{site.baseurl}}/article/directory-sync-shared/#config-file) (`data.json`) by setting `"largeImport": true`:
+
+```
+"syncConfig": {
+  ...,
+  ...,
+  ...,
+  "largeImport": true
+  },"
+```
+
+{% callout info %}
+If you don't enable this option, Directory Connector will limit a sync to 2000 users or groups.
+{% endcallout %}