5/11/2023 0 Comments Jamf pro ip addresses![]() Synchronization: You can either sync the entire Azure AD or a subset.The suggested values / considerations are: ![]() AAD DC Administrators: Add the relevant users and / or groups you wish to be administrators for this domainĦ) Configure the Synchronisation settings as required.If creating a new network it is suggested to call it "DomainServices"ĥ) Configure the Administrative Group settings as required. Choose virtual network: Either create a new network or chose an existing one.Location: Pick your relevant location, typically the closet oneĤ) Configure the network settings as required.Resource Group: Use the "Create new" option and give it an appropriate name.Subscription: Pick your relevant subscription.This should be a valid Top Level Domain and not a. Azure AD Domain Servicesġ) Login into your Azure Portal, click "+ Create a resource", type "Domain Services" and select "Azure AD Domain Services"Ģ) On the "Azure AD Domain Services" click "Create" and the "Enable Azure AD Domain Services" wizard is launched.ģ) Configure the basic settings as required. This will require you to have your users and groups added or synced into your Azure AD directory. This will require a Microsoft Account, as well as payment options configured with Microsoft. This is a high-level guide to configuring the above requirements in order to meet the above dependancies. Details of the AD Search Base (for example: DC=ad,DC=datajar,DC=co,DC=uk).Details (username and password) for a service LDAP account in order to perform lookups.A copy of the SSL certificate used on LDAPS Azure Domain Services.The external port (if different from the standard 636) of your Azure LDAPS service.The external IP address and / or DNS Name of your Azure LDAPS service.In addition to the above requirements, the implementation engineer will need to be provided with the below: Please Note: More information on achieving this requirements can be found below Recommended: Locking down LDAPS access to IP addresses.LDAPS enabled on the Azure Domain Services.A valid and publicly trusted SSL certificate in use on LDAPS Azure Domain Services.Azure AD user passwords re-hashed for NTLM and Kerberos authentication.In order to configure this there is a number of requirements that must be met: This allows user authentication, assignment of devices and integrations into Apple School Manager. It is possible to link your Jamf Pro / datajar.mobi instance to your Azure AD over LDAPS.
0 Comments
Leave a Reply. |