Chat now with support
Chat with Support

Active Roles 7.2.1 - Azure Active Directory and Office 365 Administrator Guide

Azure_Overview Config ARS to Manage Hybrid AD Objects Managing Hybrid AD Users Managing Office 365 Contacts Managing Hybrid AD Groups

View the Azure AD Application

View the Azure AD Application properties

For an existing Azure AD Application, you can use the Active Roles Web Interface to view the properties.

To view the Azure AD application properties

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Azure Configuration -> Azure Application.

    The list of existing Azure AD applications are displayed.

  1. Select the check box corresponding to the specific Azure AD application for which you want to view or update the Azure properties.
  2. In the Command pane, click Azure properties.

    The Azure Properties wizard for the Azure AD application is displayed.

  1. Use the fields in the Azure Properties wizard to view the properties of the Azure AD application.

NOTE: You cannot modify the Azure AD application properties.

Provide Administrator Consent

Config ARS to Manage Hybrid AD Objects > Config ARS using WI to Manage Hybrid AD Objects > Provide Administrator Consent for Azure AD application to access Active Directory

Provide Administrator Consent for Azure AD application to access Active Directory

After an application is created for the Azure AD tenant, the administrator with the Global Administrators group privileges must provide consent for communication between the application and Active Roles Server for the permission scopes that are configured for the application.

To provide Administrator consent for an application

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Azure Configuration -> Azure Application.

    The list of existing Azure AD applications are displayed.

  1. Select the check-box corresponding to the specific Azure AD application for which you want to provide consent to Microsoft Azure AD, and click Azure Properties.
  2. From the Azure Properties wizard, copy the URL displayed in the Consent URL field, open a new Web Browser tab or window, enter the URL and press Enter.
  3. On the Microsoft Azure login page, enter the Azure AD administrator credentials.
  4. Click Accept to provide consent to Microsoft Azure to grant access to the Active Roles Active Directory resources.

    On successful completion of the task the Local host window is displayed.

Application Permissions

Azure AD Application Permissions

When an Azure AD application is registered, the administrator defines the permission scope for the application. By default, minimal permissions are assigned to every application. To add additional permissions to the Azure application, go to the Azure Portal and add the required permissions. To add the additional permissions for all the users in the organization, click Accept.

During an in-place upgrade of Active Roles to version 7.2, delete the existing Tenant and then add a new Tenant and Application. This ensures that the Application has the minimal permissions assigned by default.

Deleting the Azure AD Tenant and application, does not delete the application from Azure. To remove the application completely, go to the Azure portal and delete the application.

Delete an Azure AD Application

You can use the Active Roles Web Interface to delete an Azure AD application.

To delete an Azure AD application

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Azure Configuration -> Azure Applications.

    The list of existing Azure AD applications are displayed.

  1. Select the check box corresponding to the specific Azure AD application which you want to delete.
  2. In the Command pane, click Delete.

    A message is displayed prompting you to confirm if you want to delete the application.

  1. Click Yes.

    The Azure AD application is deleted and can be verified by navigating to Azure Configuration -> Azure Applications.

NOTE: The Azure AD application is deleted from the Active Roles database and Azure AD.

Related Documents