You can add an Azure Directory to manage groups of users for your policies in Smoothwall Filter or Monitor.
Configure Azure Directory
- Sign in to Entra ID (formerly Azure Active Directory).
- Create a new app registration:
  - Leave Supported account type value as Current tenant - Single tenant.
  - Keep a copy of the Application (client) ID and Directory (tenant) ID, as you will need these later. You can also find these on your Overview page.
  - Grant the Directory.Read.All permission by following Application permission to Microsoft Graph:
    - Enter ‘Directory’ in the search bar and expand the Directory arrow.
    - Select Add Permission, then Grant Admin Consent.
- Create and copy the Client Secret by following Step 2.1 Create a client secret.
Important
You must copy the secret’s Value (not the Secret ID) before navigating away. The secret’s Value is hidden when you navigate away, so you would need to generate a new one.
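Before you enter the three values into Smoothwall, you can confirm that the app registration carries Directory.Read.All and nothing broader. The following is an added example, not Smoothwall or Microsoft code: it inspects the claims of an app-only Microsoft Graph access token issued to the registration. It assumes you obtained that token yourself with the client credentials flow; the function names and sample tokens are constructed for illustration.

```python
import base64
import json

REQUIRED_ROLE = "Directory.Read.All"  # the only permission the page asks for

def decode_claims(token: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_app_token(token: str, tenant_id: str, client_id: str) -> list[str]:
    """Return a list of findings; an empty list means the registration matches."""
    claims = decode_claims(token)
    findings = []
    if str(claims.get("tid", "")).lower() != tenant_id.lower():
        findings.append("tid does not match the Directory (tenant) ID")
    # v1.0 tokens carry the client ID in 'appid', v2.0 tokens in 'azp'
    app = str(claims.get("appid") or claims.get("azp") or "")
    if app.lower() != client_id.lower():
        findings.append("appid/azp does not match the Application (client) ID")
    roles = set(claims.get("roles") or [])  # application permissions granted
    if REQUIRED_ROLE not in roles:
        findings.append(f"{REQUIRED_ROLE} missing: permission not added "
                        "or admin consent not granted")
    extra = sorted(roles - {REQUIRED_ROLE})
    if extra:
        findings.append("extra application permissions: " + ", ".join(extra))
    return findings

def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed"

# Constructed sample values, not real identifiers
TENANT = "11111111-1111-1111-1111-111111111111"
CLIENT = "22222222-2222-2222-2222-222222222222"
GOOD = make_sample_token({"tid": TENANT, "appid": CLIENT, "roles": [REQUIRED_ROLE]})
BROAD = make_sample_token({"tid": TENANT, "appid": CLIENT,
                           "roles": [REQUIRED_ROLE, "Directory.ReadWrite.All"]})
NO_CONSENT = make_sample_token({"tid": TENANT, "appid": CLIENT})

if __name__ == "__main__":
    for name, tok in [("good", GOOD), ("broad", BROAD), ("no consent", NO_CONSENT)]:
        print(name, check_app_token(tok, TENANT, CLIENT) or "OK")
```

An empty result means the token matches the tenant and client IDs you recorded and grants only Directory.Read.All; any extra role listed is a permission to remove from the registration.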
Set up and sync your Azure Directory
Hybrid setup
Add, sync or edit an Azure directory
You can’t add Directories in the Cloud Portal in most Hybrid setups. This is because Cloud Portal and Appliance can’t sync directory setups and mapped groups with each other. You should follow the instructions for the On-Premise Appliance unless you need an Azure Directory that only exists in your Cloud Portal.
If you need to create a Directory that only exists in the Cloud Portal in your Hybrid setup, select Submit a request from the top of the Help Centre to contact the Support Team.
If we turn on this setting, you can add and edit Azure Directories from either portal, but they won’t be synced.
Note
If the Azure Directory is added in Cloud Portal, users with a "_Device" prefix won’t sync. If the Azure Directory is added in On-Premise Appliance, these users will sync.
Delete an Azure directory
Follow the instructions for Appliance unless you have created a directory in your Cloud Portal.
If you have created a directory in your Cloud Portal:
- Delete the directory in your On-Premise Appliance.
- To delete the directory from your Cloud Portal, select Submit a request from the top of the Help Centre to contact the Support Team.
Cloud Portal
Note
Cloud Portal won’t sync users with a "_Device" prefix.
Add an Azure directory
- Go to Admin Panel > Directories.
- Select Add directory.
- Select Azure, then Confirm.
- Enter a name for your directory.
- If you are in a multi-tenant environment, select All tenants, or Selected tenants and specify the tenant(s).
- Enter your Client ID (Azure Application ID).
- Enter your Client Secret (Azure Client Secret value).
- Enter your Azure Tenant ID (Azure Directory ID).
- Select Save.
Your Azure directory will sync automatically with your On-Premise appliance during the next night. If you want to sync immediately, you can run a manual sync.
Sync an Azure directory
If you make a change in Azure, you must manually sync with your Cloud Portal to update it. Syncing with Cloud Portal can take up to 10 minutes depending on the size of your directory.
- Go to Admin Panel > Directories.
- Select the directory and select Sync Directory.
Edit or delete an Azure directory
- Go to Admin Panel > Directories.
- Select the directory from the list to edit it.
If you want to delete a directory from Cloud Portal, or keep the directory but not use it in Smoothwall, select Submit a request from the top of the Help Centre to contact the Support Team.
On-Premise Appliance
Important
If you want to sync only users in a certain group or a single user, select Submit a request from the top of the Help Centre to contact the Support Team. Do not fill out the Advanced Options without our guidance.
Add an Azure directory
- Go to Services > Authentication > Directories.
- Select Add new directory.
- If you have a ‘Hybrid’ setup (both Cloud Portal and On-Premise Appliance), you’ll see a Directory in Cloud Portal field. Select Enabled to push the directory setup from On-Premise Appliance to Cloud Portal. If you don’t select this checkbox, the directory will exist in On-Premise Appliance only.
- If you are in a multi-tenant environment, select the tenant.
- Select the Type as Azure AD.
- You can use the default name of AzureAD, or change it to your preferred name.
- Enter your Client ID (Azure Application ID).
- Enter your Secret (Azure Client Secret value).
- Enter your Tenant ID (Azure Directory ID).
- Select Advanced options to sync only users from within a certain Group or a single user.
- (Optional) Enter a descriptive comment.
- Select Add.
Your Azure directory will sync automatically with your On-Premise appliance during the next night. If you want to sync immediately, you can run a manual sync. Once the sync with the On-Premise appliance is finished, you will also see the directory in Cloud Portal.
Sync an Azure directory
If you make a change in Azure, you must manually sync with your On-Premise appliance to update it. Syncing with your On-Premise appliance can take up to 2 hours depending on the size of your directory. This will automatically happen overnight, or you can do it manually:
- Go to Services > Authentication > Directories.
- Hover over the directory and select Sync.
If you have a ‘Hybrid’ setup, the changes will be pushed to Cloud Portal.
Edit or delete an Azure directory
- Go to Services > Authentication > Directories.
- Hover over the directory and select Edit or Delete.
When editing, you can choose to deselect the Enabled box to keep the directory but not use it in Smoothwall.
Next steps
You must map your Directory User Groups to User Groups to:
- Authenticate users and apply Web Filter Policies with Smoothwall Filter.
- Create Alerting Profiles with Monitor.