Follow these steps to configure Azure AD integration with
MaaS360®.
Procedure
- From the IBM®
MaaS360 Portal
Home page, select .
- Select the services that you want to integrate, and then click
Configure.
You are redirected to the Microsoft
account login page.
- Log in to your Microsoft account and grant
permission for MaaS360 to view your Azure AD instance.
For the User Visibility service, you must provide the Tenant ID details
to complete the configuration. When the configuration is complete, all users and groups are imported
into MaaS360.
- Select to import User Directory groups in the IBM
MaaS360 Portal.
The name of the group and the GUID of each group is displayed in the IBM
MaaS360 Portal.
When the integration is configured, all data is synced every 4 hours from Azure AD to MaaS360. Only changes in the data are synced.
A
full refresh that reimports all users and groups occurs alternative weeks on a Sunday. From the
IBM
MaaS360 Portal, you can
configure the frequency and the day of week to refresh data. The administrator can also trigger a
manual full refresh by clicking Refresh.
The Azure AD integration window (at ) in the IBM
MaaS360 Portal displays the list
of configured services, the tenant ID, and the last successful sync times.
- To map the Azure User Attribute to the MaaS360 User Attribute, follow these steps:
- Prerequisite:
MaaS360 needs the extension attributes from the Azure AD.
You must have a user in the Azure AD tenant that is used for the User Visibility configuration with
the display name "CustomAttributesUser". This user should contain all the
extension attributes that are associated with Azure AD. For procedures on how to create extension
attributes and map the attributes to users, see https://msdn.microsoft.com/library/azure/ad/graph/howto/azure-ad-graph-api-directory-schema-extensions.
- Click Reload Azure User Attributes to load the Azure User
Attributes from Azure AD.
The MaaS360 User
Attributes are populated in the IBM
MaaS360 Portal when you add
custom attributes.
- Click Add Mapping to map the Azure User Attribute to the MaaS360 User Attribute.