Using ADI with Azure Active Directory Domain Services
If you use Azure Active Directory (AD) Domain Services, you can configure ADI to sync your users and groups to your KMSAT console. Configuring ADI with Azure AD Domain Services will allow you to manage all your users in one platform.
Jump to:
Setting up ADI with Azure AD Domain Services
Prerequisites
Before you can use ADI with Azure AD Domain Services, make sure you meet the following prerequisites:
- Azure AD Domain Services is enabled in your Azure portal. For more information on enabling Azure’s AD Domain Services, see Microsoft’s Create and configure an Azure Active Directory Domain Services managed domain article.
- Azure Active Directory LDAPS is enabled in your Azure portal. For more information on configuring your LDAPS, see Microsoft’s Configure secure LDAP (LDAPS) for an Azure AD Domain Services managed domain article.
Setting up ADI with Azure AD Domain Services
There are two different methods for setting up ADI with Azure AD Domain Services. You can either install ADI on an internal machine or an external machine. Internal machines are machines that are on your network. External machines are machines that are outside of your network.
Note: Nested groups are not currently supported by SCIM and Azure provisioning. For more information, see the Scoping section of Microsoft’s How Application Provisioning works in Azure Active Directory article.
To set up ADI using either of these methods, click the method that you would like to use in the drop-down menu below:
- Run the Active Directory sync tool. This is the KnowBe4_AD_Sync.msi file that you downloaded from your KMSAT Account Settings. For more information, see the Installation and Configuration section of our Active Directory Integration (ADI) Configuration Guide.
-
Fill out the fields in the command prompt window that opens. When you’re prompted to enter your Active Directory Hostname or IP address, enter the IP Address on Virtual Network from the Azure Properties section of your Microsoft Azure account. For an example of the IP Address on Virtual Network in Microsoft Azure, see number 1 in the screenshot below:
- In the Enable SSL section of the command prompt window, enter true.
- After you have updated the fields in the command prompt window, press the Enter key on your keyboard to close the window.
- Run the Active Directory sync tool. This is the KnowBe4_AD_Sync.msi file that you downloaded from your KMSAT Account Settings. For more information, see the Installation and Configuration section of our Active Directory Integration (ADI) Configuration Guide.
-
Fill out the fields in the command prompt window that opens. When you’re prompted to enter the Active Directory Hostname or IP address, enter the Secure LDAP External IP Address from the Azure Properties section of your Microsoft Azure account. For an example of the Secure LDAP External IP Address in Microsoft Azure, see number 2 in the screenshot below:
- In the Enable SSL section of the command prompt window, enter true.
- After you have updated the fields in the command prompt window, press the Enter key on your keyboard to close the window.
Comments
0 comments
Article is closed for comments.