Versions Compared

Old Version 9

changes.mady.by.user Chaitanya c (Unlicensed)

Saved on

compared with

New Version 10

changes.mady.by.user Vrushali Parkar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

  • In the case of Non-CSP, an office 365 user with global permissions has to be used. 

  • In the case of CSP, a ​partner center user having global admin permissions should be used. ​

  • ​This screen will likely change as we add more integrations.

  1. Navigate to Global Settings(⚙) > Integrations and choose Azure AD from the integrations listed here.

    Image Modified

  2. It will lead you to add credentials for your Azure AD Instance. Provide details as requested.

Enter Azure AD Credentials

  1. Click on + to add Azure AD credentials.

    Image Modified

  2. Choose a name for the credentials and Save.

    Image Modified

  3. On clicking the Save option is clicked, you are redirected to sign in to your Microsoft account.

...

  1. Image Added

  2. Once the login is successful, the Azure AD Credentials will be stored. It is possible to add multiple credentials. You need to log on with a user having a Global Administrator role.

Image Modified

Company Mapping

  1. The next step is to map local companies in CyberCNS to Azure AD companies corresponding to the selected Azure AD credentials.

  2. In New Company Mapping, choose the Azure AD Credential of your choice from the dropdown and click on +Add to map the company.

    Image Modified

  3. One of these two options could be selected

...

  1. 🔸 Import Companies from Azure AD:- To import multiple companies at a time.

    🔹 Map Existing Company to a Azure AD company:- To map an existing company to the Azure AD company.

  2. To import multiple companies from Azure AD, choose Import Companies from Azure AD, click on Next.

...

  1. Image AddedImage Added

  2. Multiple companies can be added in the user interface.

  3. Now click on Finish to import all the selected Azure AD companies.

...

  1. As shown in the below image, select the Existing company and Azure AD company by using a dropdown or with the search bar as per the requirement.

    Image AddedImage Added

  2. Once the company is selected click on ‘+' to select the company and click on Finish to map all the selected Azure AD companies.

    Image ModifiedImage Modified

  3. There is an option to Delete the integration mapping using the Action column. Any company mapping can be deleted if needed.

Image Modified

Info

  • When Azure AD credentials and Company Mapping are added, the two tabs Azure Active Directory and Microsoft Secure Score will be enabled on the Companies that have the mapping.

  • Please wait for up to 2 hours post successful Azure AD integration to get the data under Azure Active Directory and Microsoft Secure Score section.

Azure Active Directory

  1. Now on the Company Level, Navigate to Azure Active Directory to get the details of Active Directory User Data, Active Directory Role Assignments, Active Directory Groups, and Active Directory Audit Logs.

  2. In Active Directory User Data will get the details of User Principal Name, Display Name, Given Name, Account Enabled, and Created Date Time.

...

  1. Image Added

  2. In the Active Directory Groups, will get the details of Display Name, Mail, Group Types, Mail Enabled, Proxy Addresses, Resource Behavior Options, Security Enabled, Security Identifier, Visibility, and Created Date Time.

...

Microsoft Secure Score

Microsoft Secure Score is a numerical summary of your security posture based on system configurations, user behavior, and other security-related measurements; it is not an absolute measurement of how likely your system or data will be breached.

...

Once you enter the credentials, it will register the application with Microsoft. On successful registration it will populate the data to CyberCNS portal under the company you have mapped it. It takes approx 15 mins to get registered with Microsoft.

...

Info

Non CSP, Please follow below steps for Azure AD integration.

Step 1: Make sure the credentials used for integration have global admin permissions.
Step 2: In the same CyberCNS browser window, please login to the Azure portal in the adjacent tab.

...

Step 5: Please wait for 10 to 15 minutes after the consent. Microsoft takes time to approve the application. After the approval the data should be populated in CyberCNS portal.

Troubleshooting

Troubleshooting Case 1

While signing in to Microsoft account, Permission to be granted by enabling the checkbox “Consent on behalf of your organization”.

  1. For CSP user follow the below steps to troubleshoot the issue

    1. Replace the customerid with Azure tenent ID in the below URL

    2. https://login.microsoftonline.com/{customerid}/v2.0/adminconsent?client_id=41347456-8f58-4bee-9a3a-0f5708b7212f&scope=offline_access%20Organization.Read.All%20User.Read%20AccessReview.ReadWrite.All%20email%20Reports.Read.All%20SecurityEvents.Read.All%20Directory.AccessAsUser.All%20Directory.ReadWrite.All%20openid%20profile%20User.ReadWrite.All%20Group.ReadWrite.All%20SecurityEvents.ReadWrite.All%20AuditLog.Read.All&redirect_uri=https://authccns.mycybercns.com&state=12345 Login with customer administrator account and accept all the steps wait for some time to see populated data.

  2. For Non CSP user follow the below steps to troubleshoot the issue

    1. If the consent has not enabled the checkbox before sign in to Microsoft Account, follow the steps below

      1. login to Microsoft Azure portal https://portal.azure.com

      2. Click on Enterprise Applications -> Search for your Tenent in overview

        Image Added

      3. In the Enterprise Applications, Click on All Applications → Click on CyberCNS Application

        Image Added

      4. After clicking on CyberCNS click on Properties → Delete the application

        Image Added

    2. Navigate to Global Settings(⚙) > Integrations and choose Azure AD from the integrations listed here.

      Image Added

    3. It will lead you to add credentials for your Azure AD Instance. Provide details as requested. Enter Azure AD Credentials

    4. Click on + to add Azure AD credentials.

      Image Added

    5. Choose a name for the credentials and Save.

      Image Added

    6. On clicking the Save option is clicked, you are redirected to sign in to your Microsoft account.

      Image AddedImage Added

    7. Once the login is successful, the Azure AD Credentials will be stored. It is possible to add multiple credentials. You need to log on with a user having a Global Administrator role.

...

If data is not populated check in Microsoft Azure portal in CyberCNS permissions, the type of permissions to be granted for Admin account or User account.

...

Troubleshooting Case 2 - 90 Days token expired

  1. Navigate to Global Settings(⚙) > Integrations and choose Azure AD from the integrations listed here.

...

It will lead you to add credentials for your Azure AD Instance. Provide details as requested.

Enter Azure AD Credentials

  1. Click on + to add Azure AD credentials.

    Image Added

  2. Choose a name for the credentials and Save.

    Image Added

  3. On clicking the Save option is clicked, you are redirected to sign in to your Microsoft account.

    Image AddedImage Added

  4. Once the login is successful, the Azure AD Credentials will be stored. It is possible to add multiple credentials. You need to log on with a user having a Global Administrator role.

...

This completes Azure AD Integration.

...