Info

Note: To configure sync with AAD you need to be an admin or application owner within Zilla AND have admin access to your organization's Azure Active Directory (AAD) application, specifically the Global administrator role.

  1. Login to Azure Active Directory with your admin credentials.

  2. Click Azure Active Directory to be redirected to your tenant’s overview page.

  3. Copy and save the Primary domain for the tenant you want to sync for use in a later step.

  4. Login to Zilla with your admin credentials.

  5. You will see your Zilla Applications tab, click Add Application button at the top right.

  6. You will see Add Application screen with Search Library tab. Type aad as search text, and click Add to Applications button on the right side of the Azure Active Directory entry.

  7. Fill in the form with appropriate details and click Add to Applications button.

  8. The AAD instance will be added to your Applications; click the Azure Active Directory application name.

  9. You will see a detailed application instance page. Click Sync now in the top right corner.

  10. A dialogue appears; enable API Integration.

  11. Upon enabling the API Integration more customization options appear.

    1. AAD tenant's domain name - Fill in the domain name saved in Step 3 above.

    2. Sync All Accounts? (Yes/No) - Yes will sync all of your organization's users; No will sync only users who have any roles assigned to them, and users without any roles will not be synced. Default value: Yes.

    3. Sync All Groups? (Yes/No) - Yes will sync all groups from Azure Active Directory; No will only sync security-enabled groups. Default value: No.

    4. Comma-separated attributes that identify a user - Provide an AAD-specific attribute (e.g., employeeId, jobTitle, department, etc.) for which you want to sync AAD users. For example, if you specify department, only accounts that have a defined department will be imported. If multiple attributes are specified, all accounts having at least one of the attributes defined will be imported. Be sure to refer to this document before entering the attribute; otherwise, if the attribute does not match what is specified in the document, all the accounts will be marked as Service.

    5. Auto Discover Azure Cloud subscriptions? (Yes/No) - Yes will auto-discover all the Azure Cloud subscriptions and create application instances for them in Zilla. Default value: No.

    6. Auto Sync discovered subscriptions? (Yes/No) - Yes will automatically sync the auto-discovered subscriptions when the parent is synced. This value should be set to No if Auto Discover Azure Cloud subscriptions? (Yes/No) is set to No. Default value: No.

    7. Enable account modifications? (Yes/No) - Yes will automatically revoke group memberships, group ownerships and permissions that have been flagged for revocation after an access review during a sync. Note: This setting is only available if Account Modifications are enabled in the tenant Settings.

  12. Click Sync Now.

  13. Click Next.

  14. You will be taken to the Microsoft site where you need to log in with a user with the Admin (Global administrator) role for AAD and grant consent on behalf of the organization.

  15. The consent screen will look like the image below when Auto Discover Azure Cloud subscriptions? (Yes/No) is set to Yes.

  16. The consent screen will look like the image below when Auto Discover Azure Cloud subscriptions? (Yes/No) is set to No.

  17. The consent screen will look like the image below when Enable account modifications? (Yes/No) is set to Yes. Highlighted permissions are the new ones requiring consent if you have previously synced AAD with Enable account modifications? (Yes/No) set to No.

  18. Click Accept. On successful OAuth, you will be redirected to Zilla with a Sync in progress... message for the newly added AAD application instance.

  19. On successful sync, you will see the following notification:
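The attribute filter in sub-step 4 above decides which AAD accounts are imported as users and which are marked Service, and a mistyped attribute name silently sends every account to Service. The following Python model is an added illustration of that rule, not Zilla's own code: it assumes attribute names are compared exactly as Microsoft Graph user property names (e.g. department, employeeId, jobTitle), that a value of None or an empty string counts as "not defined", and that an empty setting means no filtering. The user records are constructed sample data.

```python
# Added illustration of the "comma-separated attributes that identify a user" rule.
# Not Zilla's code; assumptions: exact (case-sensitive) property-name match, None/"" = undefined,
# empty setting = no filter. SAMPLE_USERS is constructed data, not a real tenant.

# Constructed sample of AAD user objects (a subset of Microsoft Graph user properties).
SAMPLE_USERS = [
    {"userPrincipalName": "alice@example.com", "department": "Finance",
     "employeeId": "1001", "jobTitle": "Analyst"},
    {"userPrincipalName": "bob@example.com", "department": None,
     "employeeId": "1002", "jobTitle": "Engineer"},
    {"userPrincipalName": "svc-backup@example.com", "department": None,
     "employeeId": None, "jobTitle": None},
    {"userPrincipalName": "carol@example.com", "department": "",
     "employeeId": None, "jobTitle": "Manager"},
]


def parse_attributes(spec: str) -> list:
    """Split the comma-separated setting, trimming whitespace and dropping empty entries."""
    return [a.strip() for a in spec.split(",") if a.strip()]


def is_defined(value) -> bool:
    """Assumption: None and the empty string both count as 'not defined'."""
    return value is not None and value != ""


def classify_accounts(spec: str, users: list) -> dict:
    """Return {"user": [...], "service": [...]} of userPrincipalNames.

    An account is imported as a user if at least one listed attribute is defined on it;
    otherwise it is marked Service. An empty setting is treated as 'no filter' (assumption).
    """
    attrs = parse_attributes(spec)
    result = {"user": [], "service": []}
    for u in users:
        upn = u["userPrincipalName"]
        if not attrs or any(is_defined(u.get(a)) for a in attrs):
            result["user"].append(upn)
        else:
            result["service"].append(upn)
    return result


def unmatched_attributes(spec: str, users: list) -> list:
    """Pre-flight check before saving the setting: names that are defined on NO account.

    This is the typo case the documentation warns about (e.g. 'departement'); such a name
    contributes nothing to the filter, and if every listed name is unmatched, every
    account ends up marked Service.
    """
    return [a for a in parse_attributes(spec)
            if not any(is_defined(u.get(a)) for u in users)]


if __name__ == "__main__":
    for spec in ("department", "department, employeeId", "departement"):
        print(spec, "->", classify_accounts(spec, SAMPLE_USERS),
              "unmatched:", unmatched_attributes(spec, SAMPLE_USERS))
```

Running the block with "departement" (a typo) shows the failure mode from the note: no account has that property, so all four accounts land in "service"; the pre-flight check reports the name so it can be corrected before the sync runs.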


Note: If you try to sync in a tenant other than the one whose domain you entered, Microsoft will return an error message.


Info

Note:

If a user has already consented to the sync with Enable account modifications? (Yes/No) and Auto Discover Azure Cloud subscriptions? (Yes/No) set to No, then on re-authentication the consent screen will not be shown again to that same AAD user performing the sync. If either of those values is then set to Yes, the same user will see the consent screen, even without re-authenticating, until that user grants consent for the additional permissions.
