Connect to Microsoft Entra Tenant

This functionality creates a connection to your Microsoft Entra ID instance and connects Environment Manager Consoles and Agents to that instance. This connection allows authentication and query of data and users in Microsoft Entra ID.

If a registration is not configured, the other Environment Manager Microsoft Entra ID functionality is unavailable. To set up registration, Environment Manager must be connected to your Microsoft Entra ID instance.

Access the Microsoft Entra ID command from the Manage menu and provide the following information to configure your Microsoft Entra ID Tenant:

  • Tenant ID - your Microsoft Entra ID instance

  • Application (client) ID

  • Certificate Thumbprint

Each of these entries is specific to your Microsoft Entra ID instance.

Use Test to check for the connection.

  • You will be prompted for User and Password and then the connection is validated.

  • Select OK to finish.

The connection is created and Environment Manager has access to your Microsoft Entra ID instance.

Further details on the connection are given for all User Workspace Manager applications in the UWM Online Help.

Microsoft Entra ID Conditions

The following conditions can be used on endpoints that are joined to Microsoft Entra ID domains. The join can be a full join or a hybrid join (where the endpoint is a member of an on-prem Microsoft Entra ID domain synchronized to the Microsoft Entra ID domain by Microsoft Entra ID Connect). These conditions are:

  • Microsoft Entra ID Computer Group Membership

  • Microsoft Entra ID User Group Membership

  • Microsoft Entra ID User Name

  • Microsoft Entra ID Client Computer Group Membership

These rules apply on the agents of both Microsoft Entra ID-joined and hybrid-Microsoft Entra ID-joined machines. If a device is not connected to the network at logon then the last known Groups apply. User group assignment changes can only apply at logon. Device group assignment changes can only apply at restart.

Further, when creating custom rules in the console, they can be created with conditions for Microsoft Entra ID User Name, Microsoft Entra ID User Group, Microsoft Entra ID Computer Group and Microsoft Entra ID Client Computer Group.

Configuration for Microsoft Entra ID is via the global settings.

Microsoft Entra ID Joined

This condition is used to verify the connection to Microsoft Entra ID has been made. The options are under the Is Microsoft Entra ID Joined tab in the Is Microsoft Entra ID Joined window, where you can choose to verify either Computer is joined or Computer is not joined.