Import from Microsoft Entra ID

The Enterprise Server includes not only the standard Active Directory import but also support for Microsoft Entra ID (formerly Azure AD) import. To launch the import wizard, open the Server Manager and go to Tools → Import from Microsoft Entra ID. This import is required if you want your users to sign in to the Enterprise Server using their Microsoft credentials. As with the Integrated Windows Authentication (SSO), you need to run the Microsoft Entra ID import correctly before users can authenticate, since Microsoft Entra ID users can only be added to the Server Manager through this import process (they cannot be added manually).

WARNING: Before you can start the Microsoft Entra ID import, you must first Adding Password Depot Enterprise Server as an Enterprise Application in Microsoft Entra ID. Afterward, you can proceed with the following steps.

Step 1: Organization (Login)

On the start page of the wizard, you first need to select an Organization from the dropdown menu from which the Microsoft Entra ID users should be imported. If no organization is listed in the dropdown, click New... to add a new organization. You will then need to sign in with a Microsoft account that should be stored as the organization.

NOTE: Only the administrator's user account can be used to sign in to an organization!

Enter the administrator's user name and password, and you will then be prompted to enter the second factor from your authenticator app. Two-factor authentication is mandatory at this step and cannot be bypassed, as it is part of the Microsoft security policies. Click Login to establish the connection to the organization.

Additional Options

Check deleted objects: Enable this checkbox to check and compare deleted objects (such as users or groups) between Microsoft Entra ID and Password Depot Enterprise Server. If deleted objects are found, an additional step is displayed after the search where you can specify an action for each deleted object (see Step 3).

Step 2: Search and Import Users and Groups

After a successful login, you will be taken to the search page. Here you can search for specific users or groups and select them for import:

  • Enter a search term in the search field to find specific users or groups. Leave the field empty to display all available entries.
  • Click Search now to start the search. Use the adjacent button to clear the search field.
  • Search results are displayed in a list with the columns Name, Type, Department, and Description. Groups are classified as Security Group or M365 Group, and users are shown with their respective user type.
  • Check the desired entries to select them for import. Right-click to access Select all or Invert selection.
  • Click Import to start the import process. If deleted objects were found (see Step 3), the button will read Next > instead.

Step 3: Process Deleted Objects

This step is only displayed if the option Check deleted objects is enabled and deleted objects were found in Microsoft Entra ID that still exist in the Password Depot Enterprise Server. For each found object, you can choose one of the following actions:

  • Ignore: The object is left unchanged and remains in the Enterprise Server as-is.
  • Disable: The object is disabled in the Enterprise Server but not deleted.
  • Delete: The object is permanently removed from the Enterprise Server.

Select the desired entries and click the appropriate action button. Then click Import to execute the actions and complete the import.

Import Results

After the import is complete, the results are displayed. For each imported user or group, the status is shown (e.g., Added successfully or Updated successfully). Disabled accounts are skipped during import. Once all desired users and groups have been imported successfully, you can close the wizard.

HINT: Once a user has been added to the Server Manager through Microsoft Entra ID import, you can open the user properties, go to the Account tab, and see that the Microsoft Entra ID option has been automatically enabled as the authentication type. Additionally, you can view further Microsoft Entra ID attributes of an imported user in the Microsoft Entra ID tab of the user properties.

Please refer to the Password Depot desktop client manual to learn how Microsoft Entra ID users can log on to the Enterprise Server.