This article has been extracted (& extended) from Microsoft's tutorial: Azure Active Directory integration with Asset Bank
Adding Asset Bank from the gallery
- In the Azure classic portal, on the left navigation pane, click Active Directory.
- From the Directory list, select the directory for which you want to enable directory integration.
- To open the applications view, in the directory view, click Applications in the top menu.
- Click Add at the bottom of the page.
- On the What do you want to do dialog, click Add an application from the gallery.
- In the search box, type Asset Bank.
- In the results pane, select Asset Bank, and then click Complete to add the application.
- In the Azure classic portal, on the Asset Bank application integration page, click Configure single sign-on to open the Configure Single Sign-On dialog.
- On the How would you like users to sign on to Asset Bank page, select Azure AD Single Sign-On, and then click Next.
- On the Configure App Settings dialog page,
In the Sign On URL textbox, type the URL used by your users to sign-on to your Asset Bank application using the following pattern:https://my.assetbank.domain
In the Identifier textbox type:https://my.assetbank.domain/shibboleth
Check: Show advanced URL settings
In the Reply URL textbox type:
https://my.assetbank.domain/Shibboleth.sso/SAML2/POST - On the Configure single sign-on at Asset Bank page, click Download metadata, and then save the file on your computer.
- Select the single sign-on configuration confirmation, and then click Next.
- On the Single sign-on confirmation page, click Complete
- Send the metadata file to our support team in you are hosted with us.
Alternatively, if you manage your own server, please get in touch with our support team to receive further instructions.
Assigning AD users to Asset Bank
- On the Azure classic portal, choose your Directory and open the applications view
- In the applications list select Asset Bank
- In the menu bar on the top click Users
- In the Users list select the desired user, in the toolbar on the bottom click Assign
Mapping AD groups to Asset Bank user groups
You can configure your Asset Bank to automatically assign users to certain group(s) based on the Azure AD group(s) they are in, see this article for more details.
When authenticating a user, Azure AD will provide the user groups IDs rather than their names therefore you would need to retrieve such IDs from your directory in order to complete the mapping in Asset Bank.
From your Directory open the Groups view
Select the desired Group and open the Properties view
The group ID is called Object ID
Retrieve Azure AD Single Sign-on URL for Asset Bank
Users will be able to sign-on with their Azure AD account from the Asset Bank login page.
However, if you prefer, you can use Microsoft's direct link: from your Asset Bank application Dashboard
You can find the Single Sign-on URL on the bottom right corner of the page
Comments
0 comments
Please sign in to leave a comment.