Chat now with support
Chat with Support

Active Roles 7.2.1 - Azure Active Directory and Office 365 Administrator Guide

Azure_Overview Config ARS to Manage Hybrid AD Objects Managing Hybrid AD Users Managing Office 365 Contacts Managing Hybrid AD Groups

View Azure Health for Azure AD tenants and applications

Config ARS to Manage Hybrid AD Objects > Config ARS using WI to Manage Hybrid AD Objects > View Azure Health for Azure AD tenants and applications

View Azure Health for Azure AD tenants and applications

Azure Health Check informs you about the Active Roles to Azure AD connectivity status, and the Active Roles Azure AD tenant and application heath status.

To view the Azure AD health status in Active Roles

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Azure Configuration -> Azure Health Check.

    The health status for the following services and resources is displayed:

    • Graph Connectivity – Green status indicates that the Active Roles connectivity to the Microsoft Graph API is successful

    • Tenant Connectivity – The tenant username and password are validated. Green status indicates that the Azure AD Tenant credentials are valid. The tenant connectivity is successful only if the Graph connectivity is successful

    • Azure Application Connectivity – The Azure AD applications are validated and verified if the applications are consented. Green status indicates that the Azure AD applications connectivity is successful. The application connectivity is successful only if both the Graph connectivity and tenant connectivity are successful.

View Azure O365 License Report

View Azure Licenses Report

Azure Licenses Report displays the Office 365 licenses that are available and assigned to a user.

To view the Azure AD licenses report

  1. On the Active Roles Web interface Navigation bar, click Directory Management.
  2. On the Views tab in the Browse pane, click Azure Configuration -> Azure Licenses Report.

    The Azure Licenses Report wizard displays the list of Office 365 licenses available for the Azure AD domain. For each license the following information is displayed:

    • Valid – The total number of a specific license available for the Azure AD domain.
    • Expired – The number of licenses of a specific license type that are in renewal period or have expired.
    • Assigned – The number of licenses of a specific license type that have been assigned to any users in the domain. 

Config ARS using Mgt Shell to Manage Hybrid AD Objects

Config ARS to Manage Hybrid AD Objects > Configuring Active Roles to manage Hybrid AD using Management Shell

Configuring Active Roles to manage Hybrid AD using Management Shell

Active Roles Management Shell enables you to perform the following configuration tasks to manage Hybrid AD:

Add an Azure AD tenant using Mgt Shell

Add an Azure AD Tenant

You can use the Active Roles Management Shell to add an Azure AD tenant.

To add an Azure AD tenant

On the Management Shell interface, run the New-QADConfigObject cmdlet.

Synopsis

This cmdlet enables you to add an Azure AD tenant to Active Directory.

Syntax

New-QADAzureConfigObject -type 'AzureTenant' -name 'Azuretenantname' -AzureTenantId 'AzureTenantGUID' -AzureTenantDescription 'AzureTenantDescription' -AzureAdminUserID 'AzureGlobalAdminUserID' -AzureAdminPassword 'AzureGlobalIDPassword'

Description

Use this cmdlet to add an Azure AD tenant using the tenant ID provided by Microsoft for the default tenant created at the time of Microsoft Azure subscription.

Parameters

  • type (string)

    Use this parameter to specify the object class of the directory object to be created. This is the name of a schema class object, such as User or Group. The cmdlet creates a directory object of the object class specified by the value of this parameter.

 

Table 1: Parameters: type (string)

Required

true

Position

named

Accepts pipeline input

false

Accepts wildcard characters

false

  • name (string)

    Use this parameter to set the 'name' attribute to this parameter value on the new object created by this cmdlet in the directory.

 

Table 2: Parameters: name (string)

Required

true

Position

named

Accepts pipeline input

false

Accepts wildcard characters

false

  • AzureTenantId (string)

    Use this parameter to enter the Azure AD tenant ID obtained from the default tenant created after subscribing for Microsoft Azure.

NOTE: The values entered for configuring Azure AD tenant must exactly match the values configured for Azure AD, else Azure AD application creation and management of Azure AD objects fail.

 

Table 3: Parameters: AzureTenantId (string)

Required

true

Position

named

Accepts pipeline input

false

Accepts wildcard characters

false

  • AzureTenantDescription

    Use this parameter to specify the required description for the Azure AD tenant.

 

Table 4: AzureTenantDescription

Required

false

Position

named

Accepts pipeline input

false

Accepts wildcard characters

false

  • AzureAdminUserID

    Use this parameter to specify the administrative user name for Microsoft Azure AD.

NOTE: The Administrative user must have the required privileges to perform license management and Azure user and group management.

 

Table 5: Parameters: AzureAdminUserID

Required

true

Position

named

Accepts pipeline input

false

Accepts wildcard characters

false

  • AzureAdminPassword

    Use this parameter to specify the administrative user name for Microsoft Azure AD.

 

Table 6: Parameters: AzureAdminPassword

Required

true

Position

named

Accepts pipeline input

false

Accepts wildcard characters

false

Example

Connect to any available domain controller with the credentials of the locally logged on user, and create a new Azure AD tenant:

C:\PS> New-QADAzureConfigObject -type 'Tenant1' -name 'ComapnyAzuretenant' -AzureTenantId 'CompanyAzureTenantID' -AzureTenantDescription 'Azure tenant for Company' -AzureAdminUserID 'AzureAdminUser1' -AzureAdminPassword 'AzureAdminPassword1’

Example

Connect to the local Administration Service with the credentials of a specific user, create a new Azure AD tenant and then disconnect:

C:\PS> $pw = read-host "Enter password" -AsSecureString

C:\PS> connect-qadService -service 'localhost' -proxy -ConnectionAccount 'company\administrator' -ConnectionPassword $pw

C:\PS> New-QADAzureConfigObject -type 'Tenant1' -name 'ComapnyAzuretenant' -AzureTenantId 'CompanyAzureTenantID' -AzureTenantDescription 'Azure tenant for Company' -AzureAdminUserID 'AzureAdminUser1' -AzureAdminPassword 'AzureAdminPassword1’

C:\PS> disconnect-qadService

Related Documents