Azure AD Automatic User Provisioning
Beantwortet
Enable the ability to automate the addition and remove of users via the Azure AD Service.
I am able to do this with my other Web Applications and it is a huge benefit, and greatly streamlines the new user onboarding process.
Here is the documentation regarding the feature.
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-app-provisioning
-
This does not address what the original poster requested. This new feature only helps in cases where customers are hosting AD Services in Azure and not on-prem.
The poster is requesting that you implement built-in support for Azure provisioning and SSO as mentioned in this article - https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-app-provisioning%C2%A0. This eliminates the need to stand up a new server and/or to install anything at all in the customer's environment. Just a few clicks and everything is setup.
All the big players have started doing this.
-
Hi KB4 Team!
1. Can we mark this Incomplete or Pending or anything other than Completed? The request is different from the solution that was posted.
2. I want to up-vote this request, times are changing and Azure AD and other IDP tools are coming in fast... I'm sure you know the competitors have it and it is a factor to consider during the decision making.
Hopefully we can get an ETA soon!
Thanks,
jerome
-
I want to add my support for needing a proper SCIM provisioning integration as well. Legacy (on-prem) Active Directory is a dying technology, and requiring Azure ADDS is not a valid work-around, especially for more modern enterprises leveraging Okta and other SaaS identity providers.
Having a proper SCIM provisioning API would unlock potential for KB4 customers using pretty much any modern identity provider (including Azure AD natively). -
As a cloud-forward business using Azure AD for identity management rather than on-prem AD, having SCIM provisioning available is very important for us. Currently I need to manually provision and deprovision on every change to our workforce, and this adds a significant workload. Setting up Azure AD Domain Services just to allow automatic provisioning with KnowBe4 is a cost we cannot take on.
-
Also adding my voice for this request. It takes a huge burden out of user management by having a standardized method (SCIM) for importing users via a cloud service. I've had to create three separate connectors for the domains under management and I spend way more time than I should just making sure its accurate.
-
Hello Justin and Jerome!
I've changed the status of the post to Answered and not Completed so that we can continue to follow the upvotes associated. I'll also get your requests over to the dev department so that they know that this is a factor when choosing a training/ phishing platform.
I'm positive that our Dev team is always looking for ways to make user provisioning better for our customer base and full provisioning via Azure AD would be a great feature!
Thank you all for contributing and upvoting this popular post!
-
I just wanted to add my support for this feature request.
We have 2 AD domains in 2 separate forests. We currently use the KnowBe4 ADISync tool for one domain and the CSV import for the other.
Originally, we tried getting the ADISync tool to work with both domains, but it appeared to be a limitation.
I believe adding the user provisioning via Azure AD sync would resolve this issue for us as well.
-
Thank you for your responses to this post and your votes. This feature request is with our development team and all changes for the SCIM application can be found in our changelog here https://support.knowbe4.com/hc/en-us/articles/115009454228. Please do continue to vote and add +1s as this raises the priority of the request with our internal team! Thank you all for your feedback and for taking the time to share your thoughts and experiences with us. We always appreciate any customer feedback that allows us to improve on the console and in the way we do things!
Thank you,
-
I can confirm SCIM for Azure AD works fine and the support article is correct. I'm still waiting for the ability to sync phone numbers though. Vishing isn't possible if you don't have the phone number. I could upload a csv though but I don't see the technical difficulty in adding the phone number field as many other are being synced already.
-
Great news! You now have the capability to use our Active Directory Integration (ADI) with Azure Active Directory Domain Services!
You can sync your Azure Active Directory users and groups to your KnowBe4 console! See our ADI and Azure AD Domain Services article for more information.
-
As a new customer I've spent a while trying to work out how best to sync our AAD users. It seems this isn't available!
Sure I can sync the local AD but we don't have all out users in the local AD, some are cloud only. The same as Matthew above, we also have multiple AD domains (both synced to the same AAD directory). The one thing all our various group companies are converging on is the use of AAD as an authentication and user management service.
For us it would make perfect sense to allow direct sync with AAD. Please make this happen KnowBe4. Thanks.
-
Hello all, you requested and development listened!
I am happy to announce that SCIM provisioning is now available and supported for Azure!You can find the documentation on how to utilize SCIM provisioning here!!
Note:
If you go to enable SCIM provisioning and it is not available please note that we are incrementally releasing this across the platform so you may see it in a few days if you do not see it right now!
If you have additional questions feel free to submit a support request by emailing support.knowbe4.com
Or give us a call:
- United States: +1 855-815-9494
- Mexico: +52 800-283-3201
- El Salvador: +503 2136-1126
Phone support is available weekdays from 6 a.m.-9 p.m. (Eastern)
Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.
Kommentare
76 Kommentare