Import Users/Groups from Azure AD
0 vote
The Office 365 Integration is a step in the right direction but I would like to be able to use Azure AD instead of a local Active Directory with the Same functions provided.
I know this can be done with a local AD that is synced with Azure but we have cloud only accounts for our administrative roles that are subject to more restrictive security processes. We also have multiple regions and ADs that sync with our Azure tenant.
All Comments (11)
Hello Chris,
The Office 365 integration is the name for Azure AD integration with a tenant ID integration. Have you had the change to try it and see if you were able to import specific Azure AD and Specific Azure AD groups?
To be sure we are talking about the user management or the Office 365 configuration web page where you would like to have the same Auto create group as our AD integration have?
Regards,
David Grandolfo
Hi David,
I have configured the Office 365 Authentication option and set this to automatically create an account on login which is working.
I'd like to be able to use the Office 365/Azure groups that these users are members of to manage their Roles and permissions like you can with the local AD integration.
You also don't have the option to only auto create an account if the user is part of a certain security group, so currently any Office 365 user can authenticate and have an account created in DPS.
I reached out to support and was told that this is not yet supported and they suggested that I make a feature request. So here I am.
Hope you can help
Thanks
Chris
The Azure application has the Group.Read.All graph API permission so I thought that would be pulling in the group information for the users?
I've just had another look and seen the import option on the Administration > Roles page of the Web UI. This shows all of our Azure Groups and looks like it will do what we need with regards to permission management.
Unfortunately it doesn't sort the groups alphabetically or give you an option to search for the group that you are looking for, so makes it very difficult to find when we have 500 pages of groups.
Could a search/sort function be added for this?
Thanks
Chris
Hello,
The search and filter possibilities in the Import from Azure section will be soon fixed. For your information, the internal ticket number is DPS-2739. Once an update will be available, I will keep you posted.
About your feature request for the automatic user account creation based on an Azure AD group, I will ask the engineers to add this to their todo list. We will update this thread once any information will be available.
Best regards,
Érica Poirier
Great. Thank you!
Hello,
Just to let you know that we have added a filter box in the Import from Azure button in the Roles and Users management section on the DPS web interface. These improvements will be available in DPS beta version 2020.1.4 which should be soon available for download.
Best regards,
Érica Poirier
A couple of years late to this, but did you get a guide for setting this up via Office 365 to allow auto user setup but only for particular group members not anyone that logs in?
Hello,
The auto creation of Office365 accounts from a specific Azure AD group is still on our to do list. I will ask our engineering team to pop up the priority on this feature request.
Thank you for your patience.
Best regards,
Érica Poirier
Hi,
Thanks for the update, is the current method of group specific allocation then only possible through AD?
I am trying to make our onboarding as automated as possible.
Thanks,
Simon
Hello,
Yes this option exists for the Domain authentication. Please see this online help page about it.
https://helpserver.devolutions.net/authentication_domain.html#automatic-user-creation
Best regards,
Érica Poirier