SSO AzureAD Query

Solved1.43K viewsAzure AzureAD SAML SSO
3
0 Comments

Hello Dojo!

Looking for some SSO/AzureAD expertise, if someone can advise on the following please;

Q: We don't have the Azure AD element from this doc in our XML, but it works so is it required? And what are we missing out when its not there?

using the documentation: https://docs.dataminer.services/user-guide/Advanced_Functionality/Security/Advanced_security_configuration/Configuring_external_authentication_via_an_identity_provider_using_SAML.html#configuring-dataminer-to-import-users-and-groups-from-azure-ad

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 13th October 2023

2 Answers

1
546 1 Comment

Hi Wil,

Indeed, this xml element is not part of the default DataMiner.xml, it's supposed to be added manually during setup (as there is no UI to configure this).
Without this, the local DataMiner agent will not know how to query the Azure Active Directory.

What exactly do you mean by 'it works' because I would suspect you would not be able to log in with your AzureAD credentials or be able to import its users & groups?

Perhaps your client session is connected to another agent which already has this configured?

To be clear, this configuration is not required for DataMiner to function, unless you want to use the active directory on Azure instead of the one configured in Windows.

Wil Helps [DevOps Enabler] Posted new comment 12th October 2023
Wil Helps [DevOps Enabler] commented

Thank you Robbe,

2nd point as in we can auth with SAML into the instance but were not importing groups/users – they are only created on first login(for users) and groups are done manually.

We will be fully implementing the configuration.
You are viewing 1 out of 2 answers, click here to view all answers.