I'm looking to clean up some shadow IT in my organization, and a big area of concern is managing our Dropbox usage. I'm wondering if Dropbox can enforce Single Sign-On (SSO) settings for all accounts linked to a particular domain. If I create a paid account and set up SSO, will it automatically enforce these settings for everyone under that domain? Specifically, if a user doesn't already have a Dropbox account but is invited to join through a share link, will they have to align with our SSO settings even if they're using a free account? Essentially, I want to pay Dropbox so I can enforce SSO controls for our domain without having to license every single user in the organization. I'm also trying to avoid a sales pitch from Dropbox, so I'd love to hear any experiences you all have had with this!
3 Answers
Just a heads-up, Dropbox doesn't offer SSO unless you're on the Enterprise plan. So that's where you need to start if you want those features.
You're looking for what's called Domain Capture. On the Enterprise tier, once your domain is verified, you get two options for those using a domain email for personal or free accounts. They can either be forced to join your team or they have to switch their email to a personal one. But this won’t affect external users who are invited to your Dropbox. Just know that the initial setup can be a bit of a mess, and they'll likely try to charge you extra for it all.
Yes, if you set up an enterprise account, you can enforce domain security. However, you'll need to claim ownership of all accounts under your domain and pay for a license for each one for at least a year. You can then lock down the domain to manage user access effectively. It can be quite a hassle to get everything sorted out, though.
At least knowing it’s possible is a relief! Have you been given a minimum revenue benchmark to maintain that domain lock over the years?
That sounds really frustrating! Yeah, it feels like you're practically licensing everything just to gain control. Have you managed to lock the domain immediately upon setting up the Enterprise account, or is it an ongoing process throughout the first year?