With the Web Hybrid module, an interoperability component called Directory Agent is required if you want to enable user, group, and domain (OU) based policy enforcement through the hybrid service.

After deployment, use the TRITON Manager to configure Directory Agent to collect data from your directory service (see Send user and group data to the hybrid service). Once configured, Directory Agent collects user and group data from your directory service and sends it to Sync Service in LDIF format.

At scheduled intervals (see Schedule communication with the hybrid service), Sync Service sends the user and group information collected by Directory Agent to the hybrid service. Sync Service compresses large files before sending them.