Configuring Entra ID
Entra ID provides cloud-based identity and access for users, groups, applications, and devices in an organization. Configuring Entra ID with Ivanti Neurons syncs users and groups between Microsoft Entra and App Control for Neurons. This connection allows users and groups in Entra ID to be authenticated and queried.
Configuration Workflow
Configuring Entra ID involves a series of steps that enable Microsoft Entra and Ivanti Neurons to sync users and groups between them. Then, you can apply the user and group settings to the App Control configuration.
See the list below to understand the configuration workflow in sequential order:
This section walks you through creating an app registration in Microsoft Entra to define the application identity and enable secure integration between Ivanti Neurons and Microsoft Entra. Before setting up these connectors in Neurons, you need to create an App Registration in the Azure portal with the necessary permissions and credentials.
To create an app registration in Microsoft Entra for Entra ID, refer to Creating apps in Entra ID for Microsoft connectors.
Ensure that you configure only the Entra ID from the above-mentioned topic.
Once you have created an app registration in Microsoft Entra, you can now configure the connector to connect Entra to the Neurons Platform. This enables you to securely access and sync Entra ID users and groups between Microsoft Entra and Ivanti Neurons.
To configure a connector for Entra ID, from the app menu, go to Admin > Connectors. Then, click Add Connector, and select Microsoft Entra ID.
For more information about configuring the Microsoft Entra ID connector, refer to Microsoft Entra ID connector.
Configure Entra ID credentials to allow access to Microsoft Entra using a certificate.
To configure the Entra ID credentials:
- Navigate to Admin > Credentials.
- Click Add Credentials.
- In the New Credential panel, select the Microsoft Entra ID Certificate option from the drop-down menu. Then, click Next.
- Enter a name and description for the credentials.
- Click Select Certificate to browse and upload the encrypted certificate (.pfx format).
  You can upload your organization's certificate containing a private key here to configure it.
- Click Submit.
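Before the Select Certificate step, it is worth confirming that the .pfx opens with its password, actually contains a private key, and is not close to expiry. The shell function below is an added example, not Ivanti or Microsoft code; it assumes the openssl CLI is installed, and the names check_pfx and PFX_PASS are hypothetical.

```shell
# Added example: pre-upload check for the .pfx used in "Select Certificate".
# check_pfx and PFX_PASS are hypothetical names; requires the openssl CLI.
# Usage: check_pfx FILE PASSWORD [MIN_DAYS_VALID]   (default: 30 days)
check_pfx() {
  pfx=$1; pass=$2; min_days=${3:-30}

  # 1. The bundle must decrypt with the password (passed via the environment,
  #    not argv, so it does not appear in `ps` output) and must contain an
  #    end-entity certificate.
  cert=$(PFX_PASS=$pass openssl pkcs12 -in "$pfx" -passin env:PFX_PASS \
           -nokeys -clcerts 2>/dev/null) || {
    echo "FAIL: cannot open bundle (wrong password or not PKCS#12)"; return 1; }
  case $cert in
    *"BEGIN CERTIFICATE"*) ;;
    *) echo "FAIL: no end-entity certificate in bundle"; return 1 ;;
  esac

  # 2. A private key must be present. The key is only piped to grep and is
  #    never written to disk.
  PFX_PASS=$pass openssl pkcs12 -in "$pfx" -passin env:PFX_PASS \
      -nocerts -nodes 2>/dev/null | grep "PRIVATE KEY" >/dev/null || {
    echo "FAIL: bundle has no private key"; return 1; }

  # 3. The certificate must stay valid for at least min_days more days.
  printf '%s\n' "$cert" | openssl x509 -noout \
      -checkend $((min_days * 86400)) >/dev/null || {
    echo "FAIL: certificate expires within $min_days days"; return 1; }

  # 4. Report the SHA-1 thumbprint (hex, no colons) and the expiry date.
  thumb=$(printf '%s\n' "$cert" | openssl x509 -noout -fingerprint -sha1 \
            | cut -d= -f2 | tr -d ':')
  expiry=$(printf '%s\n' "$cert" | openssl x509 -noout -enddate | cut -d= -f2)
  echo "OK: thumbprint=$thumb notAfter=$expiry"
}
```

Assuming the matching public certificate was added to the app registration, the printed thumbprint can be compared with the one listed there before you click Submit.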
After configuring the connectors and credentials, you can select the Entra ID connector in App Control to enable Entra ID groups as a source when you configure a rule.
To browse Entra ID groups from within a configuration:
- Navigate to App Control > Configurations.
  The Configurations page appears.
- Click Settings in the top-right corner of the page.
  The Settings pane for Entra ID Group appears.
- Select a configured connector from the Entra ID Connector drop-down menu.
  Selecting a connector applies across the tenant.
- Click Save.
Entra Users and Groups can now be added to a rule when you set up App Control configurations. You can choose them under the When step while you are adding or editing an App Control rule. For more information about App Control rules, refer to Configuration Rules.
Entra Users are synced to Neurons on the schedule defined in the Entra ID connector. The Entra Users available in Neurons App Control are based on the last sync of the connector.
Configure the Entra ID setting to establish a connection between Ivanti Neurons App Control Engine and Microsoft Entra.
For more information about configuring the other rules, refer to the Configuring Settings topic.
To configure the Entra ID settings:
- Navigate to App Control > Configurations.
  The Configurations page appears.
- Select a configuration from the list to set up Entra ID settings. Then, click Edit.
  The Edit Configuration page appears.
- Go to Settings > Advanced Settings > Entra ID Settings.
- Select the Enable Entra ID users and group settings check-box.
- Enter the Directory (tenant) ID and Application (client) ID.
  You can find the above information in the App Registration configured for Ivanti Neurons. You can copy the IDs into the App Control Configuration Settings.
- Click Save to update the configuration with Entra ID settings.