Integrate with Microsoft Entra ID
In this topic, you will learn how to integrate Portnox™ Cloud with Microsoft Entra ID (Azure Active Directory) services.
Note: Microsoft Azure Active Directory has been renamed by Microsoft and is now called Microsoft Entra ID.
Warning: If you integrate your Portnox Cloud with both Entra ID (Azure Active Directory) and Active
Directory, the Entra ID integration takes precedence in case of devices that are enrolled in both directories. This means
that if a device is found in Entra ID, Portnox Cloud will not even check for its existence in Active Directory. This is
because in Portnox Cloud, an account representing a device can only be associated with one directory at a time.
-
In the Cloud portal top menu, click on the Settings option.
-
In the Cloud portal left-hand side menu, click on the
option.
-
Enable Microsoft Azure/Entra ID integration.
-
In the Azure Directory Applications provisioning mode step, you selected the
Automatic option.
Important: In this topic, you will integrate Portnox Cloud with Entra ID using the automatic provisioning option. If you prefer to use the Manual option to have granular control over application privileges in your Azure environment, go to the following topic: Integrate with Entra ID using manual provisioning.Warning: Wait for the Microsoft web servers to display the results of each step of the integration before you proceed further. Do not hurry. Otherwise, the integration process may fail and you will need to start it from scratch.
-
Grant Portnox Cloud permissions to deploy enterprise applications in your Entra ID.
-
Grant Portnox Cloud permissions to read directory data.
-
Grant Portnox Cloud permissions to validate user credentials.
-
Select the domains managed by Entra ID that you want to associate with your Portnox Cloud organization.
- If your Active Directory manages many domains you can use the search domains field to search for a string that matches a domain name. The list of domains below the search field will be updated as you type.
- Click on the select all or unselect all link to select or deselect all domains in the list.
- Click checkboxes next to domains to select or deselect them individually.
- After you select the domains, click on the Save Domains button to save your selection.
-
Under the AZURE ACTIVE DIRECTORY INTEGRATION SERVICE section, click on the Force
sync link.
Portnox Cloud will start synchronizing immediately in the background with your Entra ID. If you do not click Force sync, the synchronization process will be started automatically later.
Note: If your Azure directory is very large, this process can take up to approximately an hour. - Optional: If you want to edit the options of your Entra ID integration or configure additional options, read the following topic: Edit your Entra ID integration.
Result: Your Entra ID integration is now active. You can authenticate devices on your network using Entra ID.