Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

How to Use Active Directory Integration (ADI) with Azure Active Directory Domain Services

Updated:

Created:

Using ADI with Azure Active Directory Domain Services

If you use Azure Active Directory (AD) Domain Services, you can configure ADI to sync your users and groups to your KMSAT console. Configuring ADI with Azure AD Domain Services will allow you to manage all your users in one platform.

Note: You will not be able to sync attributes that are only found through a Microsoft PowerShell query. You can only sync attributes that are available with the user’s profile in your Microsoft Azure portal. For more information about available attributes and how to add or update attributes in Azure, see Microsoft’s Add or update a user’s profile information using Azure Active Directory article.

Jump to:

Prerequisites

Setting up ADI with Azure AD Domain Services

 

Prerequisites

Before you can use ADI with Azure AD Domain Services, make sure you meet the following prerequisites:

Back to top

 

Setting up ADI with Azure AD Domain Services

There are two different methods for setting up ADI with Azure AD Domain Services. You can either install ADI on an internal machine or an external machine. Internal machines are machines that are on your network. External machines are machines that are outside of your network.

Note: Nested groups are not currently supported by SCIM and Azure provisioning. For more information, see the Scoping section of Microsoft’s How Application Provisioning works in Azure Active Directory article.

To set up ADI using either of these methods, click the method that you would like to use in the drop-down menu below:

Installing ADI on an Internal Machine
To install ADI on an internal machine, follow the steps below:
  1. Run the Active Directory sync tool. This is the KnowBe4_AD_Sync.msi file that you downloaded from your KMSAT Account Settings. For more information, see the Installation and Configuration section of our Active Directory Integration (ADI) Configuration Guide.

  2. Fill out the fields in the command prompt window that opens. When you’re prompted to enter your Active Directory Hostname or IP address, enter the IP Address on Virtual Network from the Azure Properties section of your Microsoft Azure account. For an example of the IP Address on Virtual Network in Microsoft Azure, see number 1 in the screenshot below:

  3. In the Enable SSL section of the command prompt window, enter true.
  4. After you have updated the fields in the command prompt window, press the Enter key on your keyboard to close the window.
Installing ADI on an External Machine
To install ADI on an external machine, follow the steps below:
  1. Run the Active Directory sync tool. This is the KnowBe4_AD_Sync.msi file that you downloaded from your KMSAT Account Settings. For more information, see the Installation and Configuration section of our Active Directory Integration (ADI) Configuration Guide.

  2. Fill out the fields in the command prompt window that opens. When you’re prompted to enter the Active Directory Hostname or IP address, enter the Secure LDAP External IP Address from the Azure Properties section of your Microsoft Azure account. For an example of the Secure LDAP External IP Address in Microsoft Azure, see number 2 in the screenshot below:

  3. In the Enable SSL section of the command prompt window, enter true.
  4. After you have updated the fields in the command prompt window, press the Enter key on your keyboard to close the window.
  1.  

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles