Search Results :

×

Setup Drupal Microsoft Entra ID (Azure AD) Synchronization

Microsoft Entra ID (Azure AD) User Provisioning integration with Drupal streamlines user management and ensures up-to-date user information within the system. This step-by-step guide will assist you in configuring user provisioning/sync from the Drupal site to the Azure application, allowing administrators to easily provision users and manage user data with manual, automatic, or scheduler-based provisioning using the Drupal Azure User Sync module. This module is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10 and Drupal 11.

  • Download the module:
    composer require 'drupal/azure_ad'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange Azure AD / B2C Synchronization using the search box.
  • Enable the module by checking the checkbox and click on Install button.
  • Configure the module at
    {BaseURL}/admin/config/people/azure_ad/overview
  • Install the module:
    drush en azure_ad
  • Clear the cache:
     drush cr
  • Configure the module at
    {BaseURL}/admin/config/people/azure_ad/overview
  • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
  • Install the miniOrange Azure AD / B2C Synchronization module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on Install button.
  • Configure the module at
    {BaseURL}/admin/config/people/azure_ad/overview
  • After installing the module on the Drupal site, in the Administration menu, navigate to Configuration → People → Azure AD Sync (admin/config/people/azure_ad/overview)
  • Have a glance at what the module does and click on the Let’s Configure the module button.
 drupal azure sync lets config module

  • In STEP 1, select how you would like to perform the Sync. For Drupal to Azure Sync, click on the first (left) GIF.
 drupal azure sync select method

  • Sign in to the Azure portal.
  • Click on the Microsoft Entra ID from the Azure services.
drupal azure sync select Microsoft ENtra ID application

  • From the left navigation panel, click on the App registrations service, and then click on the New Registration button.
drupal azure sync new registaration

  • On the Register an application page, please enter the information based on the instructions mentioned below:
    • Name: Display the name of the application.
    • Supported account types: Select one of the listed options as per requirement.
    • Click on the Register button.
drupal azure sync enter app name

  • Navigate to API Permissions from the left navigation panel and click on the Add a Permission button.
drupal azure sync API permission

  • Select Microsoft Graph under the Microsoft APIs tab and select Application Permissions.
  • In the Select Permission search bar, search for the user.
drupal azure sync application permission
  • Under User, select User.ReadWrite.All permission, click on the Add permissions button.
drupal azure sync add permission
  • Click on Grant admin consent for Default Directory and click on the Yes button to grant admin consent confirmation.
drupal azure sync grant admin consent

  • In STEP 2, configure the below-mentioned values from the Microsoft Entra ID into Drupal.
  • Tenant ID:
    • From the Overview section of the Microsoft Entra ID Application, copy the Directory (Tenant) ID value.
    • Paste the copied Tenant ID into Drupal’s Tenant ID text field.
     drupal azure sync copy tenant id
  • Application (Client) ID:
    • From the Overview section of the Microsoft Entra ID Application, copy the Application (client) ID value.
    • Paste the copied Client ID in the Drupal’s Application (Client) ID text field.
     drupal azure sync copy client id

  • Client Secret:
    • From the left navigation panel, click on the Certificates & secrets menu and click on the New Client Secret button.
    • Add a description for the secret, select the expiry of the secret, and click on the Add button.
     drupal azure sync certificates and secrets

    • Copy the Secret Value.
     drupal azure sync copy secret value

    • Paste the copied Secret value in Drupal’s Client Secret text field.
  • Tenant Name/Primary Domain:
    • In the same window, hover on your profile (top right corner) and note down the Domain mentioned in the pop-up box.
    • Paste the noted Domain value in Drupal’s Tenant Name/Primary Domain text field.
     drupal azure sync copy domain

  • Test UPN/ID:
    • Navigate to the Microsoft Entra ID and select the Users menu from the left navigation panel.
    • Copy the user’s User Principal Name to test out the integration of Drupal and Azure AD.
    • Paste the copied User Principal Name in Drupal’s Test UPN/ID text field.
  • Once done with all the Configurations, click on the Save and Test Configuration button.
 drupal azure sync save configuration

  • If the Test Configuration is successful, the module gives a success message like:
 drupal azure sync success msg

  • To check the attributes received from Microsoft Entra ID, click on the link in the success message.
  • Alternatively, if there is an error in the integration of Azure AD with Drupal, then check the cause of the error by following the link in the error message or scrolling down to the Test Configuration Result section.
 drupal azure sync error msg

  • Once successful integration, click on the Next button.

In Manual/On-Demand Provisioning you can manually sync the user with Microsoft Entra ID. It also allows the provisioning of a single user as well as all of the existing users at once to Microsoft Entra ID.

Configure Manual/On-Demand Provisioning

  • Click on the Configure button of the Manual/On-Demand Provisioning section
 drupal azure sync select manual provisioning

  • Under the Manual Provisioning Configuration section, check the checkbox of Create User and click on the Save button.
 drupal azure sync create user

  • Once saved, In the search field of the sync user section, enter the username of Drupal’s user and then click on the Sync button.
 drupal azure sync create user sync

  • If the provisioning is successful, you will receive the success message. Alternatively, if there is an error in provisioning the user account to Microsoft Entra ID, you can check the cause of the error by following the link in the error message.
 drupal azure sync error msg

This type of provisioning allows you to sync users with Microsoft Entra ID whenever any CRUD operation(s) is performed on them in Drupal.

Configure Automatic Provisioning

  • Automatic Provisioning will help you provision your users using any of the following events:
    • Admin Interface: When administrators or privileged users manually perform CRUD operations on a user’s account via the Drupal admin interface.
    • User account change: Whenever users themselves perform CRUD operations on their own information form user/{user_id}/edit or any other custom form.
    • 3rd Party Modules: Whenever a user entity is updated/created in the Drupal site using any third-party modules/applications or custom code
    • User Registration: Whenever a user creates a new account in Drupal. (/user/register)
  • Click on the Configure button of the Automatic Provisioning section.
 drupal azure sync automatic provisioning

  • Under the Automatic Provisioning Configuration section, check the checkbox of Create User and click on the Save button.
 drupal azure sync automatic provisioning sync

  • Now, you can try to create a new user on the Drupal site and check the logs by navigating to Reports → Recent log messages and using the user_provisioning filter.

That’s it!! you have successfully provisioned the users with Microsoft Entra ID (Azure AD).

If the Provision was not successful, please contact us at drupalsupport@xecurify.com. Please send the screenshot of the error window, and we will assist you in resolving the issue and guiding you through the setup.


[MO_CONTACT_US]
ADFS_sso ×
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com