Azure SSO AD Dynamic Group Membership

I don't actually know if this is a feature or not, but we have SSO turned on for our Password Hub Business. It works great and users log in this way. One thing I wasn't sure of is whether there is dynamic group membership with that. What I mean is, if I created a group in Azure AD called IT Staff, can that link up with a group in Password Hub?

All Comments (7)

Hello,

What you are asking will be available with our incoming Azure SSO Synchronization feature. That feature will allow you to synchronize users and groups from your Azure AD to your Password Hub Business. It should be released with the next major release of Password Hub (September / October timeframe).

Have a good day!

Maxime Morin

I'm sure you can do this already to an extent. Basically, once you have the app created in your AAD tenant, find it in Enterprise Applications, then go to its properties. There is an option called Assignment required, which means that only the users / groups assigned to this application via the Users and Groups option in the Ent Apps page are allowed to sign in. Granted, this won't allow DPH to see your Dynamic Group yet, but it will however allow you to restrict which groups of users can sign in to DPH using the SSO method.

Does that help at all? I use this myself, so it does work, although I don't use it with DPH yet as I'm unsure what happens if a user without an account in DPH uses SSO to sign in, i.e. will it fail the authentication as the user isn't in DPH, or will it work and add said user to DPH?

JK
Devolutions Force Member (and Long time Devolutions Fan)
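
The "Assignment required" setting described in the comment above can also be checked from a script. This is an added example, not part of the thread and not code from the poster or from Devolutions; it assumes the Microsoft Graph PowerShell module is installed, and the application display name is a placeholder to replace with your own.

```powershell
# Added example: audit who can sign in to an enterprise application via SSO.
# Assumption: Microsoft.Graph PowerShell module; read-only scopes are enough.
Connect-MgGraph -Scopes 'Application.Read.All', 'Directory.Read.All'

# Placeholder: the display name of your Password Hub enterprise application.
$appName = '<enterprise-app-display-name>'

$sp = @(Get-MgServicePrincipal -Filter "displayName eq '$appName'")
if ($sp.Count -ne 1) {
    throw "Expected exactly one service principal named '$appName', found $($sp.Count)."
}
$sp = $sp[0]

# AppRoleAssignmentRequired is the property behind the portal's
# "Assignment required" toggle on the application's Properties page.
if ($sp.AppRoleAssignmentRequired) {
    Write-Host "Assignment required is ON: only assigned users/groups can sign in."
} else {
    Write-Warning "Assignment required is OFF: any user in the tenant can attempt SSO."
}

# Users and groups currently assigned under "Users and groups".
$assignments = @(Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All)
$assignments |
    Sort-Object PrincipalType, PrincipalDisplayName |
    Format-Table PrincipalType, PrincipalDisplayName, CreatedDateTime

# For each assigned group, show whether its membership is dynamic and, if so,
# the rule that decides who ends up with sign-in access.
foreach ($a in $assignments | Where-Object PrincipalType -eq 'Group') {
    $g = Get-MgGroup -GroupId $a.PrincipalId `
        -Property 'id', 'displayName', 'groupTypes', 'membershipRule'
    [pscustomobject]@{
        Group   = $g.DisplayName
        Dynamic = $g.GroupTypes -contains 'DynamicMembership'
        Rule    = $g.MembershipRule
    }
}
```

For a dynamic group, the membership rule is what effectively grants sign-in access, so it is worth reviewing alongside the assignment list.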

I just found out that if a user hasn't been set up in DPH yet but uses SSO to attempt sign-in, DPH won't set up that user without an Invitation, so at present I don't see a reason to restrict SSO by Users / Groups, seeing as without an invitation from DPH it won't authenticate anyway.

Hi,
Like Maxime mentioned, this will be a new feature linked to the SSO authentication where it will be possible to sync groups and users.
This requires more config than what you are proposing, John, which is good if you want to "restrict". There will be a Provisioning process from the Enterprise App to your organization in Devolutions Portal and then a sync with the associated Password Hub.

Actually, we should be ready to Beta test in a couple of weeks, if anyone is interested.

Thank you

France Lymburner

I'd be interested in the Beta Test when it's ready!!

It will be an interesting addition. Also, I realise what I mentioned above works only for restricting SSO sign-ins using Dynamic Groups, which was why I said "to an extent" lol

Anyway, send me a PM about the beta. Also, will it be a Closed or Open Beta?

Hi John,

It will be a closed Beta phase, hopefully beginning of September.
We'll keep you posted.

And thank you for your interest.

France Lymburner

Hi,
For those who would like to try the Azure provisioning, we have started the beta phase. This means that we assist you with the configuration and sync steps.
Please write to service@devolutions.net to open a ticket request and we will organize this implementation.
Thank you,

France Lymburner