Skip to main content
Skip table of contents

Connect to your local Active Directory

sapio365 supports hybrid Microsoft 365 environments. When you create a session in sapio365 by signing into your tenant, sapio365 detects the tenant's cloud domains and the associated on-prem domain if applicable.

Follow the steps below to make sure there is a proper connection with your on-prem environment.

Multiple on-prem Active Directories

A sapio365 session for a hybrid tenant will only connect to a single on-prem Active Directory. If your tenant synchronizes with multiple on-prem Active Directories, you will need to create a separate session for each with specific connection parameters. Note that since a sapio365 session is unique to the signed-in user, you will also need to login to sapio365 with a different user account that is synced from each on-prem Active Directory.

RSAT installation required

You must have RSAT installed on your machine where sapio365 is installed on. sapio365 will use the credentials that are used to connect to the AD DS on that machine by default. You can change them in the Connection Parameters (shown as step 4 below).

1 - Check if sapio365 is connected

In the main window of sapio365, click on 'Edit On-Prem Settings'.

Here, you will see a list of your associated cloud and on-prem domains. If you don't see your on-prem domain or if there is an error like the one below, then go to step 4 to configure Connection Parameters.

2 - Enable on-prem data retrieval

Set 'Enable' to true in order to be able to retrieve your on-prem users and groups in their relative modules. You can also choose to load your on-prem data in those modules automatically. If the toggle is disabled, then go to step 4 to configure Connection Parameters

3 - Configure "Force Sync"

Enter your computer name of the Azure AD Connect server in order to use the 'Force sync' feature in the Users and Groups modules. Troubleshoot Force Sync error (WinRM).

4 - (Optional) Enter Active Directory connection parameters

If your Windows credentials are not the ones you use to connect to AD DS, then enter them here along with the password, and the AD server address (especially if you have a remote connection). Then go back to step 2 to make sure that you can toggle Enable to True.

If you still encounter errors, please contact us via the chat in the tool (bottom right in main window) or send us an email at

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.