Get Started
Log In
HomeProductsDownloadPricingHelpBlogContactTalk to SalesGet StartedLog In

Sync Options and Filters

When configuring the Directory Connector application, you can use a variety of Sync Options and Filters to customize your sync operation and limit the users and/or groups that are processed to your Bitwarden Organization.

Available Sync Options and Filter syntaxes are different for each directory server type. Refer to the Configure Sync Options and Specify Sync Filters sections of one of the following articles for help:

  • Sync with Active Directory or LDAP

  • Sync with Azure Active Directory

  • Sync with G Suite (Google)

  • Sync with Okta

  • Sync with OneLogin


If you're using the Directory Connector CLI, see Directory Connector File Storage for help editing your data.json configuration file.

Large Syncs

Regardless of which directory you're syncing from, enable the More than 2000 users or groups are expected to sync option to signal to Directory Connector that you're expecting a large number of users or groups:

Signal a Large Sync
Signal a Large Sync

You may also enable this option directly in the Directory Connector configuration file (data.json) by setting "largeImport": true:

"syncConfig": {
  "largeImport": true

If you don't enable this option, Directory Connector will limit a sync to 2000 users or groups.

Overwriting Syncs


This option is for very specific use-cases or debugging purposes and is disabled by default.

By enabling this option, every user except one Owner user and every Group will be removed and re-added by a sync, replacing them with the user list and/or group list that is fetched from the source directory.


Do not use this option for offboarding, which should be accomplished in one of the following ways:

  • Enabling the Remove disabled users during sync option.

  • Manually removing users from the web vault.

In either case, consider using Admin Password Reset to takeover and audit removed users' vaults before removing them from the Organization, and and using one of these methods to delete their accounts after removed.

Overwrite Sync
Overwrite Sync

You may also enable this option directly in the Directory Connector configuration file (data.json) by setting "overwriteExisting": true:

"syncConfig": {
  "overwriteExisting": true



  • Resource Center
  • Community Forums
  • Security Compliance
  • Success Stories
  • User Reviews
  • Newsfeed
  • Subscribe to Updates

©2022 Bitwarden, Inc.

Terms Privacy Sitemap