adamhi
Explorer

Identity Awareness using Azure AD

Hi,

Possibly a daft question, but can anyone confirm if IA works against Azure AD as opposed to 'normal' AD? This is for an org that won't have any on prem AD at the end of the implementation.

I've had a look through the deployment guide for the version we would be implementing but it doesn't specifically mention Azure as being OK and I understand from our cloud architects that it's a bit different to AD as I know it.

Thanks in advance.

A.

33 Replies
Netadmin2020
Contributor

@Royi_Priov 

I understood. Can you please show me an example with the identity tag?

Thanks

@adamhi 

We have a hybrid environment, that means we NEED LDAP and Azure AD Identity Awareness!

0 Kudos
Royi_Priov
Employee

Hi @Netadmin2020 ,

You will need to:

  1. Configure Identity Provider object and use this object in captive portal settings.
  2. Configure new Identity Tag object with your AzureAD entity identifier (user / group identifier).
  3. Place this tag object in an Access Role.

You can use both Azure AD and LDAP with IDA, but not in parallel with captive portal.

For example, you can use captive portal with AzureAD (SAML) and other identity source with LDAP. Alternatively, one GW will use captive portal with SAML and the other one captive portal with LDAP. The reason is that the redirection action will be done once and we need to distinguish if this should be done with AD or with SAML.

Thanks,
Royi Priov
Group manager, Identity Awareness R&D
0 Kudos
Netadmin2020
Contributor

Check if these are correct.

[Attached images: sso1.JPG, 2.JPG, 3.JPG, 4.JPG]


0 Kudos
Royi_Priov
Employee

After a quick brief, yes.

If this is still not working for you, please involve TAC to troubleshoot. Thanks!

Thanks,
Royi Priov
Group manager, Identity Awareness R&D
0 Kudos