Azure AD Import
Role: Administrators.
Minimum Version: Ivanti Neurons for ITSM 2024.2.
With Azure Active Directory (AD), you can maintain your organization's employees, whether they are full-time staff or contractors. It helps you manage your users' identities and access control, and lets you make the customizations needed to suit your business model and needs.
Prerequisite
•Keep the following information handy to connect to the Azure AD portal. You can obtain it from Microsoft Entra ID.
•Client ID
•Client tenant ID
•Client secret
Configuring Azure AD in ITSM
1.Log in to ITSM as an Administrator.
2.Open the Configuration console, scroll and select LDAP Integration > Azure AD Import.
The Azure AD Import Connections page is displayed.
3.Click Setup new Azure AD connection.
4.Enter information in the following tabs:
This tab is used to set the configuration information required for the ITSM to Azure AD connection.
The other three tabs are disabled until you complete the process in the Configuration tab.
a. Select the Enabled checkbox.
b. Enter the following information:
•Connection Name - enter a contextual name. A minimum of five characters is required.
•Client ID, Client tenant ID, and Client secret - enter the appropriate details provided by Microsoft Entra.
•Select primary key - choose an option. The recommended option is Azure AD ID.
c. Click Test Connection after providing all the information to validate the connection details.
You will get a success message if the connection details are correct.
d. Click Save.
This saves the connection details and lets you proceed to the next steps, but the connection itself is in the Inactive state.
This tab is used to set the filters on Azure AD fields. The predicates AND, OR, and HttpString are available.
Microsoft Graph SDK is used to connect to APIs. For more information, refer to Make API calls using the Microsoft Graph SDKs.
•AND predicate - In a filter query, AND predicate is used when you want the results to satisfy all filter conditions.
For example, if the filter query is set as:
•Condition 1 - AccountEnabled Equals True
•Condition 2 - City Equals London
The results returned will satisfy both the conditions, that is, the users' Account enabled status should be true and the city should be London.
•OR predicate - In a filter query, OR predicate is used when you want the results to satisfy any one of the filter conditions.
For example, if the filter query is set as:
•Condition 1 - AccountEnabled Equals True
•Condition 2 - City Equals London
The results returned will satisfy either one of the conditions, that is, the users' Account enabled status should be true or the city should be London.
•HttpString predicate - The HttpString predicate is used when you want to enter the filter conditions as a string-based HTTP request; the results returned satisfy the HttpString request.
For example, startsWith(displayName, 'S') and accountEnabled eq true.
The results returned will be all records where the display name starts with S and the account enabled status is true.
For more information on filter queries and predicates, refer to Microsoft Graph - Use the $filter query parameter and Microsoft Graph - Advanced query capabilities on Microsoft Entra ID objects.
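The following Python sketch is an added example, not part of the Ivanti documentation or product code. It builds the Microsoft Graph $filter expression for the AND and OR conditions above and evaluates them against constructed sample users to preview which accounts each predicate would bring into the import; the function names, the sample records, and the assumption that the filter is sent to the Graph /users endpoint are illustrative.

```python
from urllib.parse import quote

def odata_literal(value):
    """Render a Python value as an OData literal for $filter."""
    if isinstance(value, bool):
        return "true" if value else "false"
    # String literals are single-quoted; an embedded quote is doubled.
    return "'" + str(value).replace("'", "''") + "'"

def build_filter(conditions, predicate):
    """Join (property, value) equality conditions with 'and' or 'or'."""
    if predicate not in ("and", "or"):
        raise ValueError("predicate must be 'and' or 'or'")
    parts = [f"{prop} eq {odata_literal(val)}" for prop, val in conditions]
    return f" {predicate} ".join(parts)

def users_url(filter_expr):
    """Assumed request shape: Graph v1.0 /users with an encoded $filter."""
    return ("https://graph.microsoft.com/v1.0/users?$filter="
            + quote(filter_expr, safe=""))

def matches(user, conditions, predicate):
    """Local, exact-match evaluation of the same conditions (a simplification)."""
    hits = [user.get(prop) == val for prop, val in conditions]
    return all(hits) if predicate == "and" else any(hits)

# Constructed sample directory records, not real data.
SAMPLE_USERS = [
    {"displayName": "Sam Active", "accountEnabled": True, "city": "London"},
    {"displayName": "Lee Disabled", "accountEnabled": False, "city": "London"},
    {"displayName": "Ana Remote", "accountEnabled": True, "city": "Madrid"},
    {"displayName": "Old Leaver", "accountEnabled": False, "city": "Paris"},
]
# Condition 1 and Condition 2 from the examples above.
CONDITIONS = [("accountEnabled", True), ("city", "London")]

def preview(predicate):
    """Names of sample users that would be in scope for the import."""
    return [u["displayName"] for u in SAMPLE_USERS
            if matches(u, CONDITIONS, predicate)]

if __name__ == "__main__":
    for predicate in ("and", "or"):
        expr = build_filter(CONDITIONS, predicate)
        print(predicate.upper(), "|", expr, "|", preview(predicate))
        print("  ", users_url(expr))
```

With OR, the disabled London account and the enabled Madrid account both fall in scope, so the predicate choice decides whether disabled identities are imported.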
This tab is used to set the field mappings from ITSM to Azure AD. It consists of both existing and new field mappings for a connection.
a. Click Add Mapping.
b. Select appropriate mappings from ITSM to Azure AD.
c. Choose the Mapping Type as either Map or Fixed Value.
•Map - list options to choose from.
•Fixed Value - you have to provide the input.
d. Select the Do not update checkbox against a mapping record to prevent the selected field from updating when imported.
This tab allows you to set a schedule or import immediately.
•Choose a schedule from the Schedule list to run the import as per the time in the selected schedule.
or
•Choose Save and Import to run the import immediately.