Integrate and configure a Global Identity Builder custom data source

The custom data source example described in this section is Azure AD. RadiantOne includes a default custom data source to virtualize Azure AD. Edit this data source to point to your Azure AD. You must have an application registered in your Azure AD and have the APPLICATION ID and PASSWORD KEY before proceeding with the following steps.


Customize data source

The Azure application APPLICATION ID and PASSWORD KEY are required to configure the Azure AD data source.

  1. On the Main Control Panel > Settings tab > Server Backend section, go to Custom Data Sources.
  2. On the right, select mgraph and select Clone.
  3. Enter a data source name and select Clone. Select OK to exit the confirmation. In this example, the data source is named azureadglobalrlitenant.
  4. Choose the new data source (for example azureadglobalrlitenant) and select Edit.
  5. Choose the username property and select Edit.
  6. Enter the value of the Azure AD Application ID and select OK.
  7. Choose the password property and select Edit.
  8. Enter the password key associated with your Azure AD application and select OK.
  9. Choose the oauthurl property and select Edit. Enter the URL for your Azure AD tenant (for example https://login.microsoftonline.com/{YOUR_TENANT_NAME}/oauth2/v2.0/token) and select OK.
  10. Choose the active property and select Edit.
  11. Set the value to true and select OK.
  12. Select Save.
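
A pre-flight check for the username, password and oauthurl values entered in steps 5 to 9, as an added example that is not part of the RadiantOne documentation or product: it validates the three values and builds the token request they imply, without sending it. The client-credentials grant and the Microsoft Graph .default scope are assumptions about how the mgraph data source authenticates; the function names and sample values are constructed.

```python
import re
import urllib.parse
import urllib.request

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
TOKEN_PATH = re.compile(r"^/([^/{}]+)/oauth2/v2\.0/token$")
# Host from the page's example URL; extend this set if your tenant uses another login host.
ALLOWED_HOSTS = {"login.microsoftonline.com"}

def check_properties(username, password, oauthurl):
    """Return a list of problems with the three data source properties."""
    problems = []
    if not GUID.match(username):
        problems.append("username is not an Application ID (GUID)")
    if not password or password != password.strip():
        problems.append("password is empty or has surrounding whitespace")
    url = urllib.parse.urlsplit(oauthurl)
    if url.scheme != "https":
        problems.append("oauthurl must use https")
    if url.hostname not in ALLOWED_HOSTS:
        problems.append("oauthurl host is not an expected login host")
    if not TOKEN_PATH.match(url.path):
        problems.append("oauthurl path is not /<tenant>/oauth2/v2.0/token")
    return problems

def build_token_request(username, password, oauthurl):
    """Build (but do not send) the token request; grant and scope are assumptions."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": username,
        "client_secret": password,
        "scope": "https://graph.microsoft.com/.default",
    }).encode()
    return urllib.request.Request(oauthurl, data=body, method="POST")

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    app_id = "00000000-0000-0000-0000-000000000000"
    good = "https://login.microsoftonline.com/contoso.onmicrosoft.com/oauth2/v2.0/token"
    print(check_properties(app_id, "example-key", good))
    print(check_properties(app_id, "example-key", good.replace("contoso.onmicrosoft.com", "{YOUR_TENANT_NAME}")))
    req = build_token_request(app_id, "example-key", good)
    print(req.get_method(), req.full_url)
```

Passing the returned request to urllib.request.urlopen sends it; a 200 response with an access token confirms the values before they are saved in the data source.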

Create virtual view

RadiantOne includes a default virtual view for Azure AD. Edit this virtual view to point to your Azure AD custom data source configured in the previous section.

  1. Launch RadiantOne Context Builder and select the View Designer perspective.
  2. Choose File > Open > View.
  3. Choose the mgraph view and select OK.
  4. Choose File > Save As and enter a file name (for example azureadglobalrlitenant).
  5. Select OK.
  6. On the Tree View tab, right-click on the view name and select Edit Connection String.
  7. Select Edit.
  8. Choose the custom data source created in the previous section and select OK.
  9. Select OK to exit the connection string dialog.
  10. Since contacts and devices are not needed for this use case, on the Tree View tab, right-click on Category=contacts and choose Delete. Select Yes to confirm.
  11. On the Tree View tab, right-click on Category=devices and choose Delete. Select Yes to confirm.
  12. The default group object class needs to be remapped to a common name because the group settings currently allowed by the Global Identity Builder are group, groupOfNames and groupOfUniqueNames. On the Tree View tab, expand category=groups and select group.
  13. Select the Properties tab and locate the Object Class.
  14. Select Edit next to Object Class.
  15. From the drop-down list, choose group and select OK.
  16. Select the floppy disk icon to save the view.
  17. In the RadiantOne Main Control Panel, go to the Directory Namespace tab.
  18. Select New Naming Context.
  19. Enter a naming context (for example o=azuread) and select the Virtual Tree type.
  20. Select Next.
  21. Choose the Use an existing view (.dvx) option and select Browse.
  22. Choose the virtual view created in Context Builder (saved in step 1. above) and select OK.
  23. Select OK and then OK again to exit the confirmation.
  24. Select the Main Control Panel > Directory Browser tab and select the monitor symbol to re-load the tree.
  25. Navigate to the root naming context created in step 21. Expand the tree and verify that your Azure AD users and groups are returned.

Configure persistent cache

Prior to using FID as an identity source in your Global Identity, configure and initialize a persistent cache for your virtual views.

  1. Select the Main Control Panel > Directory Namespace tab.
  2. Select Cache.
  3. Select Browse to navigate to the naming context you want to cache.
  4. Select Create Persistent Cache.
  5. On the Refresh Settings tab, choose the type of cache refresh strategy you want to use. For details on the different refresh options and how to initialize the cache, see the RadiantOne Deployment and Tuning Guide.
  6. After the persistent cache is configured, choose the cached branch below Cache and on the Refresh Settings tab, select Initialize.
  7. If you selected a Real-time refresh strategy, configure the connectors accordingly and start them. For details, see the Connector Properties Guide and the Deployment and Tuning Guide. If you selected a periodic cache refresh approach, configure the refresh interval. For details, see the Deployment and Tuning Guide.

Add RadiantOne cache as an identity source in the project

After configuring a persistent cache, add it as an identity source. This enables synchronization between your identity source and the global profile.

  1. Select Add Identity Source to add an identity source to a project.
  2. Enter the required properties.
  3. Select Save changes.
  4. Configure attribute mappings.
  5. Select Save Mappings.
  6. Configure correlation rules.
  7. Select Save Rules.
  8. Upload Azure AD entries into the global profile.

To learn more about Global Identity Builder, please read the chapter that describes how to address group membership challenges.
