Setup Drupal Microsoft Entra ID (Azure AD) Synchronization

Overview

Microsoft Entra ID (Azure AD) User Provisioning integration with Drupal streamlines user management and ensures up-to-date user information within the system. This step-by-step guide will assist you in configuring user provisioning/sync from the Drupal site to the Azure application, allowing administrators to easily provision users and manage user data with manual, automatic, or scheduler-based provisioning using the Drupal Azure User Sync module. This module is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10 and Drupal 11.

Installation Steps

Configuration Steps

Setup Drupal

• After installing the module on the Drupal site, in the Administration menu, navigate to Configuration → People → Azure AD Sync (admin/config/people/azure_ad/overview)
• Have a glance at what the module does and click on the Let’s Configure the module button.

• In STEP 1, select how you would like to perform the Sync. For Drupal to Azure Sync, click on the first (left) GIF.

Setup Microsoft Entra ID (Azure AD)

• Sign in to the Azure portal.
• Click on the Microsoft Entra ID from the Azure services.

• From the left navigation panel, click on the App registrations service, and then click on the New Registration button.

• On the Register an application page, please enter the information based on the instructions mentioned below:
• Name: Display the name of the application.
• Supported account types: Select one of the listed options as per requirement.
• Click on the Register button.

Add API Permissions to your Microsoft Entra ID (Azure AD) Application

• Navigate to API Permissions from the left navigation panel and click on the Add a Permission button.

• Select Microsoft Graph under the Microsoft APIs tab and select Application Permissions.
• In the Select Permission search bar, search for the user.

• Under User, select User.ReadWrite.All permission, click on the Add permissions button.

• Click on Grant admin consent for Default Directory and click on the Yes button to grant admin consent confirmation.

Integrating Drupal with Microsoft Entra ID (Azure AD)

• In STEP 2, configure the below-mentioned values from the Microsoft Entra ID into Drupal.
• Tenant ID:
• From the Overview section of the Microsoft Entra ID Application, copy the Directory (Tenant) ID value.
• Paste the copied Tenant ID into Drupal’s Tenant ID text field.

• Application (Client) ID:
• From the Overview section of the Microsoft Entra ID Application, copy the Application (client) ID value.
• Paste the copied Client ID in the Drupal’s Application (Client) ID text field.

• Client Secret:
• From the left navigation panel, click on the Certificates & secrets menu and click on the New Client Secret button.
• Add a description for the secret, select the expiry of the secret, and click on the Add button.



• Copy the Secret Value.



• Paste the copied Secret value in Drupal’s Client Secret text field.

• Tenant Name/Primary Domain:
• In the same window, hover on your profile (top right corner) and note down the Domain mentioned in the pop-up box.
• Paste the noted Domain value in Drupal’s Tenant Name/Primary Domain text field.

• Test UPN/ID:
• Navigate to the Microsoft Entra ID and select the Users menu from the left navigation panel.
• Copy the user’s User Principal Name to test out the integration of Drupal and Azure AD.
• Paste the copied User Principal Name in Drupal’s Test UPN/ID text field.

• Once done with all the Configurations, click on the Save and Test Configuration button.

• If the Test Configuration is successful, the module gives a success message like:

• To check the attributes received from Microsoft Entra ID, click on the link in the success message.
• Alternatively, if there is an error in the integration of Azure AD with Drupal, then check the cause of the error by following the link in the error message or scrolling down to the Test Configuration Result section.

• Once successful integration, click on the Next button.

• Manual/On-Demand Provisioning
• Automatic Provisioning

In Manual/On-Demand Provisioning you can manually sync the user with Microsoft Entra ID. It also allows the provisioning of a single user as well as all of the existing users at once to Microsoft Entra ID.

Configure Manual/On-Demand Provisioning

• Click on the Configure button of the Manual/On-Demand Provisioning section

• Under the Manual Provisioning Configuration section, check the checkbox of Create User and click on the Save button.

• Once saved, In the search field of the sync user section, enter the username of Drupal’s user and then click on the Sync button.

• If the provisioning is successful, you will receive the success message. Alternatively, if there is an error in provisioning the user account to Microsoft Entra ID, you can check the cause of the error by following the link in the error message.

This type of provisioning allows you to sync users with Microsoft Entra ID whenever any CRUD operation(s) is performed on them in Drupal.

Configure Automatic Provisioning

• Automatic Provisioning will help you provision your users using any of the following events:
• Admin Interface: When administrators or privileged users manually perform CRUD operations on a user’s account via the Drupal admin interface.
• User account change: Whenever users themselves perform CRUD operations on their own information form user/{user_id}/edit or any other custom form.
• 3rd Party Modules: Whenever a user entity is updated/created in the Drupal site using any third-party modules/applications or custom code
• User Registration: Whenever a user creates a new account in Drupal. (/user/register)

• Click on the Configure button of the Automatic Provisioning section.

• Under the Automatic Provisioning Configuration section, check the checkbox of Create User and click on the Save button.

• Now, you can try to create a new user on the Drupal site and check the logs by navigating to Reports → Recent log messages and using the user_provisioning filter.

That’s it!! you have successfully provisioned the users with Microsoft Entra ID (Azure AD).

If the Provision was not successful, please contact us at drupalsupport@xecurify.com. Please send the screenshot of the error window, and we will assist you in resolving the issue and guiding you through the setup.

Why choose us:

24/7 Support

The Drupal developers at miniOrange offer quick and active support for your queries. We can assist you from choosing the best solution for your use case to deploying and maintaining the solution.

 Contact us

Case Studies

miniOrange has successfully catered to the use cases of 400+ trusted customers with its highly flexible/customizable Drupal solutions.

 Read more

Other Solutions

Feel free to explore other Drupal solutions that we offer the popular solutions used by our trusted customers include 2FA, User Provisioning, Website Security.

 Know More