Azure AD Synchronization

In addition to standard Active Directory synchronization, the Enterprise Server also supports Azure AD synchronization. To launch the Azure AD synchronization wizard, open the Server Manager and go to Tools → Azure AD Synchronization. Azure AD synchronization is required if you would like your users to use their Microsoft credentials to access their databases. As with AD synchronization, you need to make sure to run the Azure AD synchronization wizard correctly. Azure AD users cannot be added to the Server Manager manually; the wizard is the only way to add them.

WARNING: To initiate Azure AD synchronization, you must first read: Adding Password Depot Enterprise Server as an Enterprise Application in Azure Active Directory. Afterward, you can proceed with the following steps:

Organization

When launching the wizard, you first have to choose the organization to be used for the import of Azure AD users. If you cannot select an organization from the drop-down menu, click New... right next to it. Afterwards, you will have to select the Microsoft account that is to be stored as the organization.

NOTE: Only the administrator's user account can be used to sign in to an organization!

Enter the administrator's user name and password to log in. Next, you will be asked to also enter the second factor displayed in your authenticator app. Two-Factor Authentication is always required in this case because it is part of the Microsoft security policies. Once you have logged in successfully, the Azure AD users/groups that are available for synchronization will be displayed in the wizard. Select the objects you would like to import. Afterwards, click Synchronize to start the actual synchronization process. The synchronization results will then be shown. If all the users/groups you would like to import are listed there, you can close the wizard.

Additional options

Check deleted objects: If you activate this option, the synchronization wizard will check and compare any deleted objects (users and groups, for example) in both Azure AD and Password Depot Enterprise Server.

HINT: If a user has been added to the Server Manager through Azure AD synchronization, you can open the user properties, go to the Account tab and see that the option Azure Active Directory has already been checked automatically as the default type of authentication. In addition, you can find more Azure AD attributes of a user in the Azure AD tab of the user properties. All those attributes are entered automatically during Azure AD synchronization, and you should not enter any data here manually.

Please have a look at our Password Depot desktop client manual to learn how Azure AD users can log on to the Enterprise Server.

Import Users and Groups from Azure AD

After establishing the connection to Azure AD, you can search for specific users or groups to add. If you leave the Search users and groups field empty and click on Search now, all entries from Azure will be displayed for selection.

You can now check the box for individual entries to select them, or right-click and choose Select all.

Once you have completed your selection, click on Synchronize to finalize the import.