SpanVA DSS Groups are getting synced into CloudSOC but not Users.
An example of SPANVA MONITORING logs:
2024-01-16 12:47:15,340 - activedir_sync - DEBUG - adsync_profile_1-All users from active directory server at ldap://XXXXXXXXXXXXXXXXXXXXX have already been sync'd. No new users
2024-01-22 08:28:49,919 - activedir_sync - INFO - adsync_profile_1-ad_base_dn:DC=EXAMPLE,DC=COM, ad_url:ldap://XXXXXXXXXXXXXXXXXXXXX, ad_admin_user:EXAMPLE-ADMIN@XXXXXXXXXXX
24-01-22 08:28:49,923 - activedir_sync - DEBUG - adsync_profile_1-Syncing user/groups from active directory, full_sync=False, sync_once=True, sync_interval=3600 seconds
2024-01-22 08:28:49,926 - activedir_sync - DEBUG - adsync_profile_1-Deletion anomaly checking is not active.
2024-01-22 08:29:04,461 - activedir_sync - INFO - adsync_profile_1-Groups to add/update : 7
2024-01-22 08:29:04,480 - activedir_sync - DEBUG - adsync_profile_1-Completed syncing # new/updated groups from Active directory
2024-01-22 08:29:38,869 - activedir_sync - DEBUG - adsync_profile_1-Completed syncing ### new/updated users from Active directory
2024-01-22 08:29:38,995 - activedir_sync - INFO - adsync_profile_1-Number of invalid users ####
Many times when only users are not synchronized from LDAP it means attributes from LDAP and SpanVa do not match.
Make sure that the attribute setting configuration on CloudSOC > Settings > CloudSOC SpanVA matches your configuration in SpanVa and your LDAP provider.
The most common attribute used in SpanVa is an Email attribute, for which one chooses userPrincipalName after the change make sure to apply it in SpanVA synchronization [SpanVA > DSS > Sync]. Within approx 3-5 minutes users should start getting imported into CloudSOC. If not, you match the switch from userPrincipalName to mail make a synch, and then again apply it in the SpanVA synchronization.
Refer to Default directory sync user attributes
The other option is for users that are invalid and not synchronized because the domain for the UPN is not added as a secondary domain or the domain is not valid.