Azure AD Integration Legacy

Owned by Sneha B A (Unlicensed)
Last updated: May 18, 2023 by Malathi Latha
8 min read

CyberCNS features out-of-the-box Azure AD Integration support. Simply enter Azure AD credentials and get the Azure AD statistics to help analyze the network.

Select Integration

  • In the case of Non-CSP, an office 365 user with Global Admin Permissions has to be used. 

  • In the case of CSP, a ​partner center user having Global Admin Permissions should be used. ​

  • For CSP the application to be registered as a Multitenant and for Non-CSP the application to be registered as a Single tenant.

  • ​This screen will likely to change as we are adding more and more integrations.

  • Navigate to Global Settings() > Integrations and choose Azure AD from the integrations listed here.

CSP

Enter Azure AD Credentials

  1. Click on + to add Azure AD credentials.

  2. Choose a name for the credentials and Save.

To get the Client ID, Tenant ID, and Client Secret please follow the below steps:

  • In the Microsoft Azure portal, navigate to App Registrations> New Registration.

  • Choose the supported account types as Multitenant.

Please note that the Client ID, Tenant ID and Client Secret will be the same ID only when the registering the existing application in the in the partner center portal.

  • Copy the Application (Client) ID and Directory(Tenant) ID from here to be provided into the CyberCNS portal under Azure AD Integration.

  • Create a New Client Secret for this application.

  • Provide a description for this new client secret and click on Add.

  • Once added an auto-generated Value will be seen. Copy this Value and use it as a Client Secret into CyberCNS Portal.

  • Below are the permissions required for a CSP account. Make sure to have these API permissions(the below-mentioned API Permissions should have type as Application and Delegated) in place.

  • Navigate to the Partner Center to register the existing application created in the Azure portal → Sign in to https://partnercenter.microsoft.com.

  • In the Dashboard, choose Account Settings.

  • Navigate to the App Management.

  • In the Web App section, choose Register existing app(As this application is created in the Azure Portal).

Please note that the Client ID, Tenant ID and Client Secret will be the same ID only when the registering the existing application in the in the partner center portal.

  • Select the web app you created in the Azure portal and click on register your app.

  • Select the duration and click on Add Key to generate the client secret for this application.

  • The Key will be generated for the time duration user has selected. Once the key expires after the set duration, the User has to generate a new key and update it in the CyberCNS Azure AD Integration section.

  • Copy the Client Secret(Key) to be provided in the CyberCNS Azure AD Integration.

  • Once all required details are added to CyberCNS, click on Save.

  • Once the login is successful, the Azure AD Credentials will be stored successfully. It is possible to add multiple credentials.

  • A user should have a Global Administrator role/permissions required to be added.

NON-CSP

Enter Azure AD Credentials

  1. Click on + to add Azure AD credentials.

  2. Choose a name for the credentials and Save.

To get the Client ID, Tenant ID, and Client Secret please follow the below steps:

  • In the Microsoft Azure portal, navigate to App Registrations> New Registration.

  • Choose the supported account types as Single tenant.

  • Copy the Application (Client) ID and Directory(Tenant) ID from here to be provided into the CyberCNS portal under Azure AD Integration.

  • Create a New Client Secret for this application.

  • Provide a description for this new client secret and click on Add.

  • Once added an auto-generated Value will be seen. Copy this Value and use it as a Client Secret into CyberCNS Portal.

  • Below are the permissions required for a Non-CSP account. Make sure to have these API permissions in place.

  • Once all required details are added into CyberCNS, click on Save.

  • On clicking the Save option, the redirection to Microsoft Sign-in page is seen.

 

  • Once the login is successful, the Azure AD Credentials will be stored successfully. It is possible to add multiple credentials.

  • A user having a Global Administrator role/permissions is required to be added.

Company Mapping

  1. The next step is to map local companies in CyberCNS to Azure AD companies corresponding to the selected Azure AD credentials.

  • In New Company Mapping, choose the Azure AD Credential of your choice from the dropdown and click on +Add to map the company.

  • One of these two options could be selected

Import Companies from Azure AD:- To import multiple companies at a time.

Map Existing Company to an Azure AD company:- To map an existing company to the Azure AD company.

  • To import multiple companies from Azure AD, choose Import Companies from Azure AD, and click on Next.

  • Multiple companies can be added to the user interface so the Azure AD data to be synced to the appropriate companies selected.

  • Now click on Finish to import all the selected Azure AD companies.

  • There is an option to Delete the integration mapping using the Action column. Any company mapping can be deleted if needed.

  • As shown in the below image, select the Existing company and Azure AD company by using a dropdown or with the search bar as per the requirement.

  • Once the company is selected click on ‘+' to select the company and click on Finish to map all the selected Azure AD companies.

  • There is an option to Delete the integration mapping using the Action column. Any company mapping can be deleted if needed.

Azure Active Directory

  • At the Company Level, Navigate to Azure Active Directory to get the details such as Active Directory Users, Active Directory Computers, Active Directory Role Assignments, Active Directory Groups, and Active Directory Audit Logs.

  1. In Azure Active Directory User, the details of User Principal Name, Display Name, Assigned Roles, MFA Enable status, Other Mails, Password Policies & User Created On date & time are seen.

  • In the Azure AD Users section, click on the Users to view the user details which are the Assigned Plans, Provisioned Plans, and Assigned Licenses.

2. In the Azure AD Computers section, the details like Asset Name, Host Name/IP, AD OS, OS Version, Distinguished Name, and Intune Managed status are seen.

3. In the Azure Active Directory Groups, the details like Display Name, Mail, Group Types, Is Mail Enabled, Proxy Addresses, Resource Behavior Options, Security Enabled status & Security Identifier are seen.

4. In Azure Active Directory License, the details like License Friendly Name, SKU Part Number, Active Units, Consumed Units, Warning Units & Suspended Units are seen.

5. In Azure Active Directory Roles, the details like Display Name, User Count, Description of the role & Role template ID are seen.

6. In Azure Active Directory Logs, the details like Activity Display Name, Category of the activity, Result, Result Reason, Logged by Service, Correlation id, Activity Initiated by User & Initiated from IP are seen.

Â