Microsoft Azure Active Directory Integration
The scope of this section is to help you enhance Ivanti Workspace Control by enabling it to access and utilize Azure Active Directory (Azure AD) users and groups.
Workspace Control can deliver applications and resources based on user and group information retrieved from the Azure AD.
Architecture
-
One or more Azure tenants
An Azure tenant represents a single organization, where all users for that organization reside.
-
One or more Azure application registration(s)
The registered application uses Microsoft Graph RESTful web API to access Azure AD user and group information and delivers this information to the Workspace Control Composer.
-
Workspace Control Composer
The Composer deploys applications, printers, menu items and settings to which the end user is granted access based on their Azure AD membership.
The following illustration provides an overview of how the different components interact:
Consider that Microsoft Azure is a cloud service when configuring advanced detection for connection states under User Context > Connection States. Such configurations can impact the performance and functionality of the Azure Active Directory integration.
For more details see Connection States.