Using Active Directory Integration (ADI) with Azure Active Directory Domain Services
If you’re using Azure Active Directory Domain Services and want to configure Active Directory Integration (ADI) to access this source to sync your users and groups to your KnowBe4 console, follow the instructions below.
Note:
Attributes that can only be found through a PowerShell query cannot be synced. Only attributes found in the user’s profile in the Azure portal can be synced. For more information on the fields available in the user profile and how to add or update this information in Azure, check out this article.
Prerequisites
- You must have an Azure Active Directory with Azure AD Domain Services enabled.
  - See Microsoft's instructions here: Enable Azure Active Directory Domain Services using the Azure portal
- You must also have enabled Azure Active Directory LDAPS.
  - See Microsoft's instructions here: Configure secure LDAP (LDAPS) for an Azure AD Domain Services managed domain
There are two ways to set up ADI using Azure Active Directory Domain Services:
- You can install ADI on an internal machine (on the same network).
  - Follow the instructions in our ADI Installation article to install ADI on the selected internal machine.
  - When prompted for the "Active Directory Hostname or IP address" during installation, use the Domain Services Internal IP ("IP Address on Virtual Network" from your Azure Properties, as shown in the image below).
  - When prompted to "Enable SSL", type true.
- You can install ADI on an external machine (outside your network).
  - Follow the instructions in our ADI Installation article to install ADI on the selected external machine.
  - When prompted for the "Active Directory Hostname or IP address" during installation, use the LDAPS External IP ("Secure LDAP External IP Address" from your Azure Properties, as shown in the image below).
  - When prompted to "Enable SSL", type true.
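
Before running the installer, you can confirm from the ADI machine that the address you plan to enter answers on the LDAPS port and see which certificate it presents. The PowerShell function below is an added example, not part of the original article or KnowBe4's tooling; the function name, the sample address and the domain name are placeholders, and it assumes the standard LDAPS port 636 and that the certificate is issued for the managed domain's DNS name.

```powershell
function Test-LdapsEndpoint {
    param(
        [Parameter(Mandatory)] [string] $Address,     # IP you plan to give the ADI installer
        [Parameter(Mandatory)] [string] $DomainName,  # managed domain DNS name (placeholder)
        [int] $Port = 636                             # standard LDAPS port (assumption)
    )
    $seen = @{ Errors = $null }
    $ssl  = $null
    # Accept the certificate so it can be inspected; this probe sends no credentials.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] {
        param($s, $certificate, $chain, $policyErrors)
        $seen.Errors = $policyErrors
        $true
    }
    $client = [System.Net.Sockets.TcpClient]::new()
    try {
        $client.Connect($Address, $Port)
        $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false, $callback)
        # Name validation is done against the domain name, not the IP address.
        $ssl.AuthenticateAsClient($DomainName)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        [pscustomobject]@{
            Address      = $Address
            Protocol     = $ssl.SslProtocol
            Subject      = $cert.Subject
            NotAfter     = $cert.NotAfter
            # None = chain and name validated on this machine; anything else names what failed.
            PolicyErrors = $seen.Errors
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Dispose()
    }
}

# Constructed sample values; replace with the IP from your Azure Properties and your domain name.
# Test-LdapsEndpoint -Address 10.0.0.4 -DomainName aadds.example.com
```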