
Quick Connect for Cloud Services 3.7 - Administrator Guide


Working with Windows Azure Active Directory


To create a connection to Windows Azure Active Directory, you need to use One Identity Quick Connect Sync Engine in conjunction with a special connector called Windows Azure AD Connector. This connector is included in the Quick Connect for Cloud Services package.

The Windows Azure AD Connector supports the following features:

Table 38: Supported features

| Feature | Description | Supported |
|---|---|---|
| Bidirectional synchronization | Allows you to read and write data in the connected data system. | Yes |
| Delta processing mode | Allows you to process only the data that has changed in the connected data system since the last synchronization operation, thereby reducing the overall synchronization operation time. | Yes |
| Password synchronization | Allows you to synchronize user passwords from an Active Directory domain to the connected data system. | Yes |
| Secure Sockets Layer (SSL) data encryption | Uses SSL to encrypt data that is transmitted between One Identity Quick Connect Sync Engine and the connected data system. | Yes |

In this section:

For instructions on how to rename a connection, delete a connection, synchronize passwords in a connected data system, or modify synchronization scope for a connection, see the One Identity Quick Connect Sync Engine Administrator Guide.

Creating a Windows Azure Active Directory connection


To create a connection, complete the following steps:

Step 1: Configure an application in Windows Azure Active Directory


One Identity Quick Connect for Cloud Services reads and writes data in Windows Azure Active Directory by using an application existing in your Windows Azure Active Directory environment. This step describes how to configure such an application.

To configure an application

  1. Create an application in any domain of your Windows Azure Active Directory environment. The application must have sufficient permissions to read and write data in Windows Azure Active Directory.

    You can assign the required permissions to the application by running a Windows PowerShell script. Below is an example of such a script. To run the script, you need to install Windows Azure PowerShell on your computer.

    # Replace <ClientID> with the Client ID of the Active Roles Azure AD Connector Application (example format: 455ad643-332g-32h7-q004-8ba89ce65ae26)
    $Id = "<ClientID>"

    # Prompt for Windows Azure AD Global Admin credentials and
    # save the supplied credentials to the $creds variable.
    $creds = Get-Credential

    # Connect to Azure AD using the credentials stored in $creds.
    Connect-MsolService -Credential $creds

    # Get the service principal of the Active Roles Azure AD Connector Application and save it to the $servicePrincipal variable
    $servicePrincipal = Get-MsolServicePrincipal -AppPrincipalId $Id

    # Get the object ID of the "Company Administrator" role (the MSOnline name for the Global Administrator role) and save it to the $roleId variable
    $roleId = (Get-MsolRole -RoleName "Company Administrator").ObjectId

    # Assign the role to the service principal of the Active Roles Azure AD Connector Application
    Add-MsolRoleMember -RoleObjectId $roleId -RoleMemberObjectId $servicePrincipal.ObjectId -RoleMemberType ServicePrincipal

     

  2. Open the application properties and copy the following:
    • Client ID
    • Valid key of the application

    You need to supply the copied client ID and key when creating a new or modifying an existing connection to Windows Azure Active Directory in the Quick Connect Administration Console.
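To confirm the result of this procedure, the following added example (not part of the One Identity guide) checks that the application's service principal holds the role assigned by the script and reports the validity window of its keys without returning the key values. The function name Test-ConnectorAppSetup and the 30-day warning threshold are assumptions; the function expects an existing Connect-MsolService session.

```powershell
# Added example, not from the guide. Requires the MSOnline module and a session
# already opened with Connect-MsolService, as in the script above.
function Test-ConnectorAppSetup {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $AppPrincipalId,   # Client ID of the connector application
        [int] $WarnDays = 30                               # assumed threshold; match your key rotation policy
    )

    $sp   = Get-MsolServicePrincipal -AppPrincipalId $AppPrincipalId -ErrorAction Stop
    $role = Get-MsolRole -RoleName "Company Administrator"

    # All service principals that hold the role; user accounts are filtered out.
    $spMembers = @(Get-MsolRoleMember -RoleObjectId $role.ObjectId |
        Where-Object { $_.RoleMemberType -eq "ServicePrincipal" })

    # Key metadata only: -ReturnKeyValues $false keeps the secrets out of the output.
    # Dates are compared in UTC (assumption: the cmdlet reports StartDate/EndDate in UTC).
    $now  = (Get-Date).ToUniversalTime()
    $keys = @(Get-MsolServicePrincipalCredential -ObjectId $sp.ObjectId -ReturnKeyValues $false |
        Select-Object KeyId, Type, StartDate, EndDate,
            @{ Name = "Valid";       Expression = { $_.StartDate -le $now -and $_.EndDate -gt $now } },
            @{ Name = "ExpiresSoon"; Expression = { $_.EndDate -le $now.AddDays($WarnDays) } })

    [pscustomobject]@{
        DisplayName     = $sp.DisplayName
        HasRole         = [bool]($spMembers | Where-Object { $_.ObjectId -eq $sp.ObjectId })
        HasValidKey     = [bool]($keys | Where-Object { $_.Valid })
        # Other applications holding the same role, listed for review.
        OtherAppsInRole = @($spMembers | Where-Object { $_.ObjectId -ne $sp.ObjectId } |
                            Select-Object -ExpandProperty DisplayName)
        Keys            = $keys
    }
}

# Replace <ClientID> with the Client ID copied from the application properties.
$result = Test-ConnectorAppSetup -AppPrincipalId "<ClientID>"
$result | Format-List DisplayName, HasRole, HasValidKey, OtherAppsInRole
$result.Keys | Format-Table KeyId, Type, StartDate, EndDate, Valid, ExpiresSoon
```

HasRole and HasValidKey should both be True before you enter the client ID and key in the Quick Connect Administration Console.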

Step 2: Create a connection to Windows Azure Active Directory


To create a new connection

  1. In the Quick Connect Administration Console, open the Connections tab.
  2. Click Add connection, and then use the following options:
    • Connection name. Type a descriptive name for the connection.
    • Use the specified connector. Select Windows Azure AD Connector.
  3. Click Next.
  4. On the Specify connection settings page, use the following options:
  5. Click Finish to create a connection to Windows Azure Active Directory.