Microsoft Entra ID connector

This is a cloud connector.

The Microsoft Entra ID connector, formerly Azure AD, gathers data about users and devices from Entra ID.

For information about what data is imported and how it is mapped, see Mapping (below).

In order to connect Entra ID to the Neurons Platform, you first need to create an application in Entra ID with a variety of permissions. All permissions must be approved with Grant admin consent. For information on creating the app, see Creating API apps in Entra ID for Microsoft cloud connectors.

Application.Read.All

Auditlog.Read.All

Device.Read.All

DeviceManagementServiceConfiguration.Read

DeviceManagementServiceConfiguration.ReadWrite.All

Directory.Read.All

Directory.ReadWrite.All

Reports.Read.All

User.Export.All

User.Read

User.Read.All

User.ReadWrite.All

To receive purchase order identifier data: DeviceManagementServiceConfiguration.Read.All

To use group filters (device and user) in Neurons: Group.Read.All

Options

An Entra ID connector has the following options:

  • Connector name: A name for the connector.
  • Connector server name: For cloud connectors, this server is the Cloud option on the Connector Servers page. If you already added the connector to the Cloud option, this field will be populated for you. Otherwise, select Cloud from the list.
  • Directory (tenant) ID: The ID of the tenant you created in Entra ID.
  • Application (client) ID: The ID of the application you created in Entra ID.
  • Client secret: The client secret associated with the application you created in Entra ID.
  • Devices
    • Stale threshold: To limit the amount of data that is gathered for Neurons, set a threshold for a specific number of days. The connector will not include records unless the device has been created, logged in, or updated during that time.
    • Types: Enter a type filter to import devices with that selected type. Supported values are: Workplace, AzureAd, and ServerAd.
    • Groups: Enter a group filter to import devices that are in those groups. Groups are created and maintained within Entra ID. You will need the Group.Read.All permission within your Entra ID app to use this filter in Neurons.
  • Users
    • Stale threshold: To limit the amount of data that is gathered for Neurons, set a threshold for a specific number of days. The connector will not include records unless the user has logged in or updated during that time.
    • Groups: Enter a group filter to import users that are in those groups. Groups are created and maintained within Entra ID. You will need the Group.Read.All permission within your Entra ID app to use this filter in Neurons.
    • Import SSO sign-in activity: An option to import SSO sign-in activity data from Entra ID. You will need the AuditLog.Read.All permission within your Entra ID app to import this data into Neurons.
  • Repeats: How often the connector should gather data.
  • Start time: The time of day the connector should start running. To minimize the impact on your network and applications, we recommend that connectors generally run at night or on weekends.
  • Active: Whether the connector is active or not. While the connector is active, it runs according to the schedule you create. If you clear the check box, the connector is inactive and will not gather data until the check box is enabled again and the connector is saved.
  • Action Credentials: The credentials Ivanti Neurons uses to perform actions and queries on device or people records. The types of available actions and queries will depend on your specific work environment.

For details on configuring or using connectors, see Setting up connectors.

Mapping

The data that this connector imports is mapped to target attributes in the Neurons Platform database.

For users:

  • Name and display name

  • Email address

  • Phone number and type

  • Account creation and expiration dates

  • User's address, city, state, and country

  • Job title, department, and manager

  • Employee type, ID, and number

  • Last logon

  • Office location

  • Distinguished name

  • Password policies

  • Login timestamps for other applications

For devices:

  • Last logon date

  • Device ID and name

  • Display name

  • TCPIP host name

  • Manufacturer and model

  • OS and OS version

  • User GID and GID

  • User HWID and HWID

  • Purchase order ID

For an overview of how the data imported by this connector is mapped to the Neurons target attributes, please download the CSV file using the button below.

Download mappings

For an overview of the Neurons target attributes per data type and the connector source attributes that are mapped to them, see Connector data mapping.