Regresar
-
Título
How to set up the "Azure AD Connect" module? The current steps in the User Guide do not match. -
Descripción
Steps to set up the "Azure AD Connect" module do not match with what is displayed in the Azure portal and are confusing. -
Causa
Microsoft has changed the terms used for some of the Azure AD configurations since the Active Administrator technical documentation for version 8.5 was published. -
Resolución
Based on the Active Administrator User Guide for version 8.5, the following is what it was found to be inconsistent and what the new terms/sections of the Azure portal should be:https://support.quest.com/technical-documents/active-administrator/8.5/user-guide/34#TOPIC-1357998Starting on Page 99 - Adding the Azure Active Directory Connect application:Step 6 - Enter the URI in the Redirect URI section as a Web type linkStep 7 - In the second box under Redirect URI enter the address from step 7Step 8 - Click "Register"Step 9 - Select the application registration you just created.Step 10 - Look at the "Essentials" section of the application screenStep 11 - Record the Application (Client) ID from the Essentials section.Step 12 - Select API Permissions on the live menuStep 13 - Add a permission for "Azure Active Directory Graph" from the Supported legacy APIs section.Step 14 - Select "Delegated Permissions" and add the "Delegated:" permissions listed in the guide for step 14, then select "Applications Permissions" and add "Read Directory Data"Step 15 - Click "Add Permissions"Step 16 - Click "..." On the Azure Directory Graph permission group and Grant all permissions. All permissions should show a green check and "Granted" under their status when this is completed correctly.Step 17 - in the left menu select "Certificates and Secrets"Step 18 - Select "New client secret" and add a description for the new client secret.Step 19 - Choose an expiration time for the new client secret.Step 20 - Click "Add"NOTE: When the secret is created you must copy the value to a text file at this time. Leaving this screen and coming back will obscure the value which is needed in later steps. To get a new value a new secret must be created as the value is only shown at the time of creation. Do not forget to copy this value.Page 100 - Configuring Azure Active Directory Connect application settingsStep 8 - Use the value you copied from the client secret. -
ID de defecto
VSTS000257966 -
Información adicional
Enhancement Request ID VSTS000257966 was logged to update the Active Administrator user guide to match the current terms/actions Microsoft uses for Azure AD.