黑料海角91入口

黑料海角91入口 offers direct integration with Microsoft庐 365鈩� (M365) so you can manage M365 users from the 黑料海角91入口 Admin Portal. Their passwords are synced with their 黑料海角91入口 password the first time they log in to their 黑料海角91入口 User Portal after they鈥檙e associated with M365.

Integrating M365 with 黑料海角91入口

Benefits

This integration with 黑料海角91入口 allows for:

• Secure, persistent connectivity between 黑料海角91入口 and M365
• Importing pre-existing M365 accounts into 黑料海角91入口
• Exporting (provisioning) new accounts into M365 from 黑料海角91入口
• Continual synchronization from 黑料海角91入口 to M365 accounts
• End user self-service account management from the 黑料海角91入口 User Portal  
• Security Assertion Markup Language (SAML) Single Sign-on (SSO) users can log in to 黑料海角91入口 and M365 with the same set of credentials

Considerations

•  may be necessary to authenticate legacy endpoints where multi-factor authentication (MFA) is configured in M365
• 黑料海角91入口 user accounts are synced with their M365 user account based on the primary email address used in M365
• If multiple M365 tenants are configured for 黑料海角91入口's Directory Sync and a 黑料海角91入口 user is bound to more than one M365 tenant, only the M365 tenant with the 黑料海角91入口 user's matching M365 primary email address will be synced
• At this time, 黑料海角91入口 doesn't support integration with GoDaddy's implementation of M365. This version has limited identity management capabilities that require SSO login with GoDaddy's services to operate appropriately. Because of these requirements, we are prohibited from making changes to identities with the GoDaddy integration
• Don't import users that you don't intend to manage with 黑料海角91入口. You have 48 hours to remove unwanted users and to contact your Technical Account Manager to avoid being charged for any users you remove after import 
• If the password takeover functionality has been disabled for your 黑料海角91入口 organization, then the password only syncs when the user or admin changes it. In addition, active users with passwords will receive password reset emails from each Cloud Directory to which the user is associated
• M365/Entra ID group management is only supported for security groups at this time

Prerequisites

• An active M365 domain
• A user with the following administrator roles in M365:
  • Privileged role administrator
  • Groups administrator
  • Users administrator
• We also recommend that you have a Global administrator service account

M365 Integration Scenarios

You can integrate M365 with 黑料海角91入口 in the following two ways:

1. Taking over existing M365 accounts
2. Provisioning new M365 accounts

Taking Over Existing M365 Accounts

When you import existing M365 accounts and bind them to the M365 directory you鈥檝e enabled for sync, 黑料海角91入口 鈥渢akes over鈥� the accounts and becomes the manager and password authority for those accounts. 

Provisioning New M365 Accounts

Account provisioning involves creating and maintaining user accounts and their attributes. New M365 accounts can be provisioned in M365 or in 黑料海角91入口.

M365-Initiated Provisioning

When an account is created in M365, a temporary password can be sent to an alternate email address, which lets users gain access to their account. 

When you create a user account in M365, users are provisioned in the following way:

1. Import the user into 黑料海角91入口.
2. Bind the user to the M365 directory.
3. The user resets their password in the 黑料海角91入口 User Portal.
4. Account synchronization is complete.

黑料海角91入口-Initiated Provisioning

When you create new users in 黑料海角91入口 that don鈥檛 exist in Microsoft, 黑料海角91入口 creates user accounts (provisions) with the 黑料海角91入口 user鈥檚 credentials and attributes. For the new account to be provisioned to M365, the account must have an email address of the primary M365 domain that is synced with 黑料海角91入口. This is useful if your organization intends to use 黑料海角91入口 to manage your M365 deployment.

When creating an account in 黑料海角91入口, an activation email can be sent to an alternate email address. Alternatively, admins can set a temporary password during creation.

To send an activation email to an alternate email address:

1. Add the new user to 黑料海角91入口.
   1. Bind the user to the M365 directory.
   2. Leave Specify initial password unchecked.
   3. After saving the user, you will be prompted to send the activation email.
2. The user will click the link in the activation email that was sent to the address you provided in step 1b and set their password.
3. The user logs in to the 黑料海角91入口 User Portal with the password they set in step 2.
4. Account synchronization is complete.

To set a temporary password for the user during creation:

1. Log in the .
2. Go to User Management > Users.
3. Click ( + ), then select Manual user entry.
4. Specify details for the user, making sure to set the following attributes as follows:
   1. The Company Email address you specify for the user is on the domain of the M365 directory you want to provision the user to.
   2. For Password Settings, select Specify initial password, and then specify the user鈥檚 initial password.
5. Select the Directories tab, then select the M365 directory that matches the Company Email address you specified for the user.
6. Click save user. The user鈥檚 account, including the initial password you set, are provisioned to M365. It may take up to 60 seconds for the user account to be created in Microsoft.

User Flows

After you connect a user to an M365 directory, the flow differs slightly for staged and active users:

Staged User Flow

• Staged user without a password: After you bind a staged user without a password to an external directory and then change their user state to active, you can choose to send the user an Activation email that tells them how to register their account. After the user registers their account, creates an account password, and logs in to their 黑料海角91入口 User Portal, their password is synced to the directories they鈥檙e associated with. 
• Staged user with a password: After you bind a staged user with a password to an external directory and then change their user state to active, you can choose to send the user a Welcome email that tells them to log in to the User Portal. After they log in to their 黑料海角91入口 User Portal, their password is synced to the directories they鈥檙e associated with.
• Staged user access in M365: When binding a Staged user to M365, if 黑料海角91入口 does not find an existing M365 user to sync, the user will be created in an Active state with a randomized password. This will allow the user account to receive emails, but no login will be possible. However, if 黑料海角91入口 finds that the user already exists in M365, 黑料海角91入口 will NOT dispatch a password. This means the user may continue to login to their existing M365 account if it already exists. In either case, once the user logs in to 黑料海角91入口鈥檚 User Portal for the first time, the password will be synced to M365.

Active User Flow

• Active user with a password: After you bind an active user with a password to an external directory, the user receives an email that informs them about that directory to which they鈥檝e been added, and notifies them to synchronize their password by logging into their 黑料海角91入口 User Portal. When the user logs in, they see a modal informing them that their password has been updated.
• Active user without a password: After you bind an active user without a password to an external directory, the user鈥檚 password will be synchronized once a password is set by you or the user, and the user logs in to their 黑料海角91入口 User Portal.

Additional Resources

• Enroll:
• Show me: