In this article, you will find information about how to synchronize the Azure Active Directory Groups and Users with the HEIMDAL Dashboard. This operation enables you to assign any of the endpoints from your environment to a HEIMDAL Dashboard Group Policy that is linked to an Azure Active Directory Group. To do that, you need to make sure that the SAML 2.0 Login feature is enabled and linked to your Azure Active Directory Tenant ID and that the Azure Active Directory Groups and Users are synchronized with the HEIMDAL Dashboard.
1. Enabling SAML 2.0 Login
2. Synchronizing the Azure Active Directory Groups and Users
Enabling SAML 2.0 Login
In order to synchronize the Azure Active Directory Groups and Users, you need to make sure that the SAML 2.0 Login feature is enabled and linked to your Azure Active Directory Tenant ID. If SAML 2.0 Login hasn't been enabled yet, follow the instructions described in the following article to enable SAML 2.0 Login: https://support.heimdalsecurity.com/hc/en-us/articles/360019971018-SAML-2-0-Login
Synchronizing the Azure Active Directory Groups and Users
1. Log in to the HEIMDAL Dashboard using your HEIMDAL Dashboard credentials or the Azure Login functionality.
2. Go to the Guide section and click on the Customer Settings Tab.
3. Click on Grant application consent.
4. You will be prompted to log in with your Microsoft credentials (if you initially logged in with the regular login method).
5. Press Accept to grant permission to the Heimdal Security Dashboard Sync.
6. Synchronize the Azure Active Directory Groups and Users with the HEIMDAL Dashboard by pressing the Sync Groups / Sync Users buttons.
7. The HEIMDAL Dashboard will read all the Azure Active Directory Groups found under your Tenant ID.
8. From the dropdown, select which Azure Active Directory Groups will be synchronized with the HEIMDAL Dashboard (type in at least 4 characters to see the groups being displayed) and click the Update button.
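After the consent in step 5, a tenant administrator can review what the application was actually granted. The following Microsoft Graph PowerShell script is an added example, not part of the HEIMDAL documentation; it assumes the Microsoft.Graph module is installed and that the enterprise application's display name in your tenant matches the name shown on the consent prompt ("Heimdal Security Dashboard Sync").

```powershell
# Added example: list the permissions granted to the sync application.
# Assumption: the service principal's display name matches the consent prompt.
$appName = 'Heimdal Security Dashboard Sync'

# Read-only scopes are enough to inspect grants.
Connect-MgGraph -Scopes 'Application.Read.All', 'DelegatedPermissionGrant.Read.All'

$principals = Get-MgServicePrincipal -Filter "displayName eq '$appName'"
if (-not $principals) {
    throw "No service principal named '$appName' was found in this tenant."
}

$report = foreach ($sp in $principals) {
    # Delegated permissions: OAuth2 grants where this app is the client.
    Get-MgOauth2PermissionGrant -Filter "clientId eq '$($sp.Id)'" -All | ForEach-Object {
        $resource = Get-MgServicePrincipal -ServicePrincipalId $_.ResourceId
        [pscustomobject]@{
            Type       = 'Delegated'
            Resource   = $resource.DisplayName
            Permission = $_.Scope.Trim()
            # AllPrincipals means the consent applies to every user in the tenant.
            GrantedFor = $_.ConsentType
        }
    }

    # Application permissions: app roles assigned to the service principal itself.
    Get-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $sp.Id -All | ForEach-Object {
        $assignment = $_
        $resource   = Get-MgServicePrincipal -ServicePrincipalId $assignment.ResourceId
        $role       = $resource.AppRoles | Where-Object { $_.Id -eq $assignment.AppRoleId }
        [pscustomobject]@{
            Type       = 'Application'
            Resource   = $resource.DisplayName
            Permission = $role.Value
            GrantedFor = 'Tenant'
        }
    }
}

$report | Sort-Object Type, Resource, Permission | Format-Table -AutoSize
```

Compare the listed permissions with what the synchronization needs (reading groups and users) and record the result alongside your other third-party application reviews.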
IMPORTANT
The Azure Active Directory Groups and Users are automatically synchronized every 4 hours, so if a change is made to an Azure AD Group or a user is added to or removed from an Azure Active Directory Group, it will take 4 hours for the update to propagate.
Although RESELLERS can impersonate and add/edit the Azure Active Directory Tenant IDs on behalf of their ENTERPRISE Customers, they CANNOT synchronize Azure Active Directory Groups and Users on behalf of their ENTERPRISE Customers.