Importing entities from Azure AD - Card Synchronization 3.0

Card Synchronization Plugin Guide 3.0

series
Card Synchronization 3.0
revised_modified
2018-08-29

You can import entities from Azure Active Directory (AD) into Security Center using the Card Synchronization plugin. After the import, changes made in that data source can be synchronized in Security Center.

Before you begin

You must create an application registration in your Azure Active Directory. This provides you with the Client ID and Key that are required to create the Azure AD data source in the plugin.

What you should know

Including pictures in the data source increases import time.

Procedure

  1. From the Config Tool home page, open the Plugins task.
  2. In the Plugins task, select the Card Synchronization plugin role from the entity browser, and click the Properties tab.
  3. In the Data sources section, click Add data source ().
  4. In the dialog box, from the Data source type list, select Azure AD.
  5. On the Data source configuration page, configure the following settings:
    Name
    Enter a name for the data source.
    Tenant name
    Enter the name of the Azure AD tenant that you want to import.
    Client ID
    Enter the Client ID that is used to connect to the Azure AD service.
    App key
    Enter the application key that is used to connect to the Azure AD service. This is generated when you register an application on Azure.
  6. Click Validate configuration, and then configure the following options:
    Filter groups
    Set to ON, if you only want to import certain cardholder groups, and then select the groups you want to import.
    NOTE: When set to OFF, all cardholder groups are imported if Import Groups is selected.
    Import Cardholders
    Select the check box to import cardholders. The Cardholders tab is displayed only when this check box is selected.
    Import Groups
    Select the check box to import cardholder groups. The Cardholder groups tab is displayed only when this check box is selected.
  7. Click the Cardholders tab, and then map each Security Center field to the corresponding Azure AD field.
    NOTE: To import pictures for cardholders from Azure AD, select the Import Cardholder pictures check box on the Cardholders page. By default, this check box is not selected.
  8. Click the Cardholder groups tab, and then map each Security Center field to the corresponding Azure AD field.
  9. Click Validate configuration.
    If the configuration is valid, the following message is displayed: No errors found.
  10. Click OK.
  11. Click Save and close, and then Apply.

Results

When a synchronization occurs, the Azure AD source is added to the list of data sources, and the entities are created in Security Center upon synchronization.