1. CyberPedia
  2. AD-Integration (Azure AD)

AD-Integration (Azure AD)

Make your administrative work on the Awareness training easier with AD integration! By integrating with your Azure AD, users from the AD will automatically be synchronised/added to the Awareness training platform. The employees will also be able to log on to the platform with their usual Office365 login. 

Full AD integration consists of two parts:

Single Sign-on (SSO): 

When the user is added on the Awareness training platform, they will be able to log on to the platform with their Office365 information. 

 

Auto-sync (AS): 

When a user is added to a specific group in your Azure AD, the user will also be added to the Awareness training platform. The user is assigned to a pre-set curriculum of courses and will receive an email with a link to the platform. The user can log on to the platform with their Office365 information. 

 

Requirements and limitations

  • Azure AD: Integration can only be done with Azure AD. If you use regular Windows AD, it is sometimes possible to synchronise to Azure AD.
  • The admin who does the setup in Azure AD will as a minimum need a P2 license. Regular users will not need this license.
  • Multifactor is supported in SSO.
  • All users that need to be synchronised to the Awareness training platform must have their first name, surname and exchange account (e-mail) filled out in your AD. If any of this information is missing, the user cannot be added on to the platform. A user will not be able to log on with SSO, if their exchange account is missing.
  • Login (username) must always be the user’s e-mail and must correspond with their login- and contact e-mail in the Azure AD.
  • Extra information from the AD can also be imported. This is typically the “Department” field, but it is also possible to import custom fields to the platform. Please note that it is not possible to extract data from the “Manager” field. There must not be a comma or semicolon in the data that is subtracted from the fields (e.g., it cannot say “Sales, marketing, and accounting” in the Department field, but it can say “Sales marketing and accounting” without the comma).
  • Language control runs through groups in your own Azure AD. If the training is to be delivered in two languages, you will have to set up two groups in the customers AD. Here you will have to divide the users based on the preferred language. CyberPilot cannot transform possible language codes from the customers AD auto-sync so that language preferences are sorted with the groups in Azure AD. Dynamic groups in Azure AD can be set up to include specific users (e.g., users with a country code, specific language etc.). Likewise, dynamic groups can be used to sort out specific users with different rules.

The process for setting up AD integration

  1. You must notify CyberPilot if you wish to use AD integration and appoint the IT employee, who is responsible for your Azure AD, with the task of setting up the AD integration for you.

  2. CyberPilot prepares the Awareness training platform for AD integration and lets the appointed IT employee know when it is ready.

  3. The IT employee receives instructions from CyberPilot and can then start with the set up. You coordinate with the IT employee on what users should be added to the Awareness training platform before the planned start. In practice, CyberPilot subtracts a list just before start-up and creates a manual upload of the users. We do this, as the upload of users will start the training and send a notification e-mail to the users. Because of this, the upload of the user list is delayed until the start-up day. It is not until after this, that the automatic daily synchronisation is set up.

  4. You will notify CyberPilot that the setup has been completed, and CyberPilot will test the setup and confirm that it is working as intended.

  5. You will then let CyberPilot know what date they wish to start up, and this will then be done on the date that you choose.

  6. Following the start-up, the AD integration will move over to operation and you will be responsible for setting up internal processes for onboarding/offboarding of your employees. It is typically the same IT employee that will be adding new users to the right groups in your Azure AD. 

Billede-af-pdf

Download

 

Got a question?

Contact us at info@cyberpilot.io