With respect to Active Directory (AD) data transfer security, the AD sync application connects back to the MRI OnLocation API server over a secure HTTPS connection. The application will only accept a connection to a valid and trusted certificate before sending any data. Our certificate is issued by Comodo UK and provides a chain of trust back to the default Windows certificate store.
We have an additional option in the Sync application to verify the public key, this will directly compare the public key for the remote side to the known value for api.whosonlocation.com. This option forgoes the issuer validation and ensures that it is absolutely connected to OnLocation, a fake trusted certificate can not be used to intercept communications.
OnLocation supports the maintenance of employee profiles via Active Directory syncing through our SyncPortal integration.