Help CenterAtera's integration with Azure Active Directory (AD) enables you to import and sync your organization's users from Azure AD to Atera, keeping your Atera users effortlessly up-to-date. This integration is a secure one-way sync in which new users in Azure AD are created in Atera and existing users are updated in Atera to match Azure AD. You can also initiate on-demand syncs at any time to keep your users current.
Atera's integration with Azure Active Directory (AD) enables you to import and sync your customers' contacts from Azure AD to Atera, keeping your Atera contacts effortlessly up-to-date. This integration is a secure one-way sync in which new contacts in Azure AD are created in Atera and existing contacts are updated in Atera to match Azure AD. You can also initiate on-demand syncs at any time to keep your contacts current.
Note: This article provides instructions for manual import and updating of users from Azure AD for a one-time sync. However, you can re-sync at any time to keep your users updated.
Note: This article provides instructions for manual import and updating of contacts from Azure AD for a one-time sync. However, you can re-sync at any time to keep your contacts updated.
For information on how to automatically sync Azure Active Directory with Atera, see Azure AD continuous sync
This article describes:
- How syncing with Azure AD works
- Connecting with Azure AD
- Syncing contacts on demand
- Disconnecting from Azure AD
How it works
- Simple, one-way sync from Azure AD to Atera.
- 100% secure. Login credentials are never saved.
- Atera Admin permissions are required.
- When Azure AD Offices/Departments are matched to Atera ‘Sites’, the new users are created in Atera (if they don't already exist)
- Users are matched based on email addresses. If Azure identifies that user already exists in Atera, then user information including first name, last name, job title, and mobile phone will be updated in Atera based on Azure AD. The integration will override all the values of these fields in Atera, with their respective information from Azure.
- Users that exist in Atera, but not in Azure AD, won’t be affected.
- If a user that was imported/updated from Azure, is modified in Atera, syncing with Azure will override this modification.
- If an email of a user that was imported/updated from Azure is modified in Atera, then syncing with Azure will create a new user in Atera.
- All of a site's existing Azure AD users will automatically be created in Atera, including shared mailboxes (if they don't already exist) upon connecting with Azure AD.
- When importing users from Azure Active Directory, Atera will use the User principal name.
- Simple, one-way sync from Azure AD to Atera.
- 100% secure. Login credentials are never saved.
- Atera Admin permissions are required.
- The Azure integration is unique to each customer, as the credentials used are specific to each customer. You can choose to disconnect specific customers from the integration while keeping others connected.
- All of a customer’s existing Azure AD contacts will automatically be created in Atera, including shared mailboxes (if they don’t already exist) upon connecting with Azure AD.
- Contacts are matched based on email addresses. If Azure identifies that contact already exists in Atera, then contact information including first name, last name, job title, and mobile phone will be updated in Atera based on Azure AD. The integration will override all the values of these fields in Atera, with their respective information from Azure.
- Contacts that exist in Atera, but not in Azure AD, won’t be affected.
- If a contact that was imported/updated from Azure, is modified in Atera, syncing with Azure will override this modification.
- If an email of a contact that was imported/updated from Azure is modified in Atera, then syncing with Azure will create a new contact in Atera.
- When importing contacts from Azure Active Directory, Atera will use the User principal name.
Connect with Azure AD
The Azure integration is unique to each customer, as the credentials used are specific to each customer. This means that for each customer, you will need to enter their Azure Admin credentials the first time you connect.
This section describes:
User groups and user types
- User Groups: In Azure AD, user groups are a way of grouping together multiple users for easy control over application access, resource management, and email distribution.
- User types: In Azure AD, user types refer to the different types of identities that can be created and managed within the directory. Member and Guest users are the two most common user types. Members represent people inside an organization, while Guests represent people outside the organization who need access to resources protected by Azure AD. Administrators in Azure AD can control the permissions and access for both Member and Guest users.
When importing users from Azure AD to Atera, you have the option to import all users, specific user types, or only users in specific user groups.
Note: At the moment, Atera supports up to 999 user groups when syncing with Azure AD.
When importing contacts from Azure AD to Atera, you have the option to import all contacts, specific user types, or only contacts in specific user groups.
Note: At the moment, Atera supports up to 999 user groups when syncing with Azure AD.
To connect
1. From Sites (on the sidebar), select the site you want to sync with Azure AD.
1. From Customers (on the sidebar), select the customer you want to sync with Azure AD.
2. From the New site dropdown menu (within the Users tab), select Import from Azure AD
2. From the Sync contacts dropdown menu (within the Contacts tab), select Sync with Azure AD
The Connect with Azure Active Directory page appears.
3. Click Connect
4. Sign in to Microsoft Azure AD with your organization's Admin credentials.
4. Sign in to Microsoft Azure AD with your customer's Admin credentials.
Once connected, the import wizard appears.
5. Select the field you typically use to classify your office locations in Azure AD ('Office' or 'Department'), then click Next.
6. Match Azure AD offices or departments to Atera sites to import users to the right place. Any unmatched offices/departments will not be imported. When you're finished, click Next.
Note: If a location was not specified in Azure AD as either Office or Department, then it appears as 'Undefined'.
7. Select the user groups from Azure AD you want to sync with Atera (optional). When you're finished, click Next.
Note: Selecting 'All groups' will import all users in Azure AD that are assigned to groups. However, it's important to note that this option only imports those users that are assigned to groups in Azure AD. If you want to ensure that you import all of your users, including those who are not part of any group, we recommend skipping the group filtering step during the import process.
Note: Selecting 'All groups' will import all contacts in Azure AD that are assigned to groups. However, it's important to note that this option only imports those contacts that are assigned to groups in Azure AD. If you want to ensure that you import all of your contacts, including those who are not part of any group, we recommend skipping the group filtering step during the import process.
8. Select the Azure AD user types you want to import ('Member', 'Guest', or both), then click Import.
6. Select the Azure AD user types you want to import ('Member', 'Guest', or both), then click Import.
A confirmation message appears when the process is complete. Imported userscontacts will have an Azure AD symbol.
Note: You may need to refresh the SiteCustomer page to see your newly imported/updated userscontacts.
7. Repeat these steps for each customer whose contacts you wish to import from Azure AD.
Sync on Demand
Once you've connected to Azure AD at least once, you can initiate on-demand syncs at any time to keep your userscontacts up-to-date without having to re-enter the Azure credentials (the Microsoft authentication token is saved, allowing for a quick reconnection).
To sync on demand:
1. From your selected site (in the Users tab), click the New site dropdown menu and select Import from Azure AD.
1. From your selected customer (in the Contacts tab), click the Sync contacts dropdown menu and select Manage Azure AD integration.
The Azure Active Directory page appears.
2. Click Sync now
3. Follow steps 7-8 above to select the user groups or user types you want to import/update.
3. Follow steps 5-6 above to select the user groups or user types you want to import/update.
A confirmation message appears when the process is complete.
Note: You may need to refresh the SiteCustomer page to see your newly imported/updated userscontacts.
Disconnect from Azure AD
You can disconnect the Azure AD integration for a site at any time. Users that have already been imported to Atera will not be affected.
You can disconnect the Azure AD integration for a customer at any time. Contacts that have already been imported to Atera will not be affected.
To disconnect:
1. From your selected site (in the Users tab), click the New site dropdown menu and select Import from Azure AD.
1. From your selected customer (in the Contacts tab), click the Sync contacts dropdown menu and select Manage Azure AD integration.
The Azure Active Directory page appears.
2. Click Disconnect
3. Click Disconnect again in the confirmation window.
The site is now disconnected from Azure AD.
The customer is now disconnected from Azure AD.
Dana Grob Seligman