# Active Directory PowerShell connector The AD PowerShell connector enables OpenIAM to communicate with Active Directory to support provisioning, deprovisioning, synchronization, password management, and reconciliation. ## Deployment Options The connector can be deployed on either: * A **domain-joined server** inside the same domain that contains the identities the connector is supposed to manage. This is the recommended approach. * A **non-domain-joined server**, provided the domain controller of the target domain is network-reachable from the connector server. Installing the connector directly on domain controllers is technically possible but not recommended for production environments. ## Supported operating systems All PowerShell connectors for OpenIAM version 4.x support: * Windows Server 2016 * Windows Server 2019 * Windows Server 2022 * Windows Server 2025 While older operating systems are supported, OpenIAM recommends using newer versions. Older OS versions require installation of additional dependencies. ## Supported identity types The AD PowerShell connector supports provisioning and synchronization of the following identity types: * Users * Groups * Computers * File Shares --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs-beta.openiam.com/application-onboarding/connectors/active-directory-powershell-connector.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.