This article is aimed at the company's IT administrator.
With Azure Active Directory user synchronization (Azure AD Sync), the company can automatically create and maintain users in facilitynet.io. This feature is recommended to better ensure compliance with the GDPR as well as minimize user administration. Note there is an additional fee for this module.
1. Find tenant ID
Azure AD is divided into so-called tenants, which typically represent organizations. In order to synchronize your users, facilitynet.io must know your tenant ID.
To find the tenant ID, log in to the Azure administrator portal, select "Azure Active Directory" in the menu and "Properties" in the submenu, after which you can see "Tenant ID" in the resulting leaflet:
Microsoft has also made a guide for it:
Microsoft's guide to finding tenant ID
2. Find group ID
The synchronization is based on a group in Azure AD, which determines which people in your organization will be created in facilitynet.io. You must later enter the object ID of this group in facilitynet.io.
To find group ID, go back to Azure Active Directory in the Azure portal and then select Groups:
3. Enter tenant ID in facilitynet.io
Once you have logged in to facilitynet.io as a business administrator, click
Administration->Active Directory
Then go to the tab System and click Opret.
Here, select Microsoft Azure from the menu and enter an optional designation and your tenant ID from step 1 above.
After entering the tenant ID, you will be redirected to an Azure AD consent page, where you must log in with your Azure administrator profile and give permission for FacilityNet to access data in your Azure AD.
Once you have given permission, you will be sent back to the facilitynet.io administrator portal, where you will be notified that the connection has now been established.
4. Create setup for the synchronization job in facilitynet.io
Go to the tab Opsætning and click Opret
- Select the customer type that users should be a member of in facilitynet.io.
- Select users in the resource type field
- Give setup an optional designation
- Enter your group ID from step 2 above.
- Select whether the sync job should update existing users if changes have been made to their profile, and select whether to delete users who are no longer in your Azure AD.
- Choose whether the sync job should compare on email address or initials, for existing users.
- LDAP path and Filter do not need to be filled out.