Forum Discussion
After Microsoft Graph Connector non-aad user sync, search works with non-aad user's permission?
Hello, This is Johnny.
I am wondering after syncing aad users and non-aad users when we build Microsoft Graph Connector, search works with non-aad user's permission?
For example, non-aad users have it's permission to access external data source such as Salesforce.
And After syncing aad users and non-aad users, aad users synced with non-aad users access the data in external data sources with it's original data access permissions(Salesforce data access permissions) applied?
I have read the below docs, and it seems like just mapping the user and aad users can access all the data in Salesforce.
https://learn.microsoft.com/en-us/microsoftsearch/salesforce-connector
Thank you in advance!
2 Replies
Rajdeep_ChandaMicrosoft
Hi johnnyhong, mapping non-aad users to aad allows the users in salesforce to see the same access pattern in Microsoft search. Microsoft search uses aad for providing access which is derived from the non-aad access in salesforce. If you change non-aad permissions in salesforce, the data would be synced again during the next full crawl into aad and users can again see the same access pattern in Microsoft search as in salesforce.
If I get this right, once aad users and non-aad users mapped, an aad user can search salesforce with the permission of a non-aad user mapped.
Am I understand correctly?
