Setup Drupal Azure AD (Microsoft Entra ID) Synchronization

Azure (Microsoft Entra ID) User Provisioning integration with Drupal streamlines user management and ensures up-to-date user information within the system. This step-by-step guide will assist you in configuring user provisioning/sync from the Drupal site to the Azure application, allowing administrators to easily provision users and manage user data with manual, automatic, or scheduler-based provisioning using the Drupal Azure User Sync module. This module is compatible with Drupal 7, Drupal 8, Drupal 9, and Drupal 10.

The module also supports a two-way sync between Drupal and Azure AD. You can reach out to us at drupalsupport@xecurify.com for one-on-one assistance from a Drupal developer.

Installation Steps:


  Using Composer:
  • Download the module:
    composer require drupal/azure_ad
  • Go to the Extend menu on your Drupal admin console, enable the module by checking its checkbox, and click on the Install button.
  • Configure the module at:
    {BaseURL}/admin/config/people/azure_ad/overview

  Using Drush:
  • Install the module:
    drush en azure_ad
  • Clear the cache:
    drush cr
  • Configure the module at:
    {BaseURL}/admin/config/people/azure_ad/overview

  Manual installation:
  • Navigate to the Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal Azure User Sync module either by uploading the downloaded zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable the module by checking its checkbox and click on the Install button.
  • Configure the module at:
    {BaseURL}/admin/config/people/azure_ad/overview

Setup Drupal:

  • After installing the module on the Drupal site, in the Administration menu, navigate to Configuration → People → Azure AD Sync (admin/config/people/azure_ad/overview)
  • Have a glance at what the module does and click on the Let’s Configure the module button.
  • In STEP 1, select how you would like to perform the Sync. For Drupal to Azure Sync, click on the first (left) GIF.

Setup Azure AD:

  • Sign in to the Azure portal.
  • Click on Azure Active Directory under Azure services.
  • From the left navigation panel, click on the App registrations service, and then click on the New Registration button.
  • On the Register an application page, enter the information as follows:
    • Name: Enter the display name of the application.
    • Supported account types: Select one of the listed options as per your requirement.
    • Click on the Register button.

Add API Permissions to your Azure AD Application:

  • Navigate to API Permissions from the left navigation panel and click on the Add a Permission button.
  • Select Microsoft Graph under the Microsoft APIs tab and select Application Permissions.
  • In the Select Permission search bar, search for user.
  • Under User, select the User.ReadWrite.All permission and click on the Add permissions button.
  • Click on Grant admin consent for Default Directory and click on the Yes button to confirm.

Integrating Drupal with Azure AD:

  • In STEP 2, configure the below-mentioned values from the Azure AD into Drupal.
    • Tenant ID:
      • From the Overview section of the Azure AD Application, copy the Directory (Tenant) ID value.
      • Paste the copied Tenant ID into Drupal’s Tenant ID text field.
    • Application (Client) ID:
      • From the Overview section of the Azure AD Application, copy the Application (client) ID value.
      • Paste the copied Client ID into Drupal’s Application (Client) ID text field.
    • Client Secret:
      • From the left navigation panel, click on the Certificates & secrets menu and click on the New Client Secret button.
      • Add a description for the secret, select the expiry of the secret, and click on the Add button.
      • Copy the Secret Value.
      • Paste the copied Secret value in Drupal’s Client Secret text field.
    • Tenant Name/Primary Domain:
      • In the same window, hover on your profile (top right corner) and note down the Domain mentioned in the pop-up box.
      • Paste the noted Domain value in Drupal’s Tenant Name/Primary Domain text field.
    • Test UPN/ID:
      • Navigate to the Azure AD and select the Users menu from the left navigation panel.
      • Copy the user’s User Principal Name to test out the integration of Drupal and Azure AD.
      • Paste the copied User Principal Name in Drupal’s Test UPN/ID text field.
  • Once done with all the Configurations, click on the Save and Test Configuration button.
  • If the Test Configuration is successful, the module displays a success message.
  • To check the attributes received from Azure AD, click on the link in the success message.
  • Alternatively, if there is an error in the integration of Azure AD with Drupal, then check the cause of the error by following the link in the error message or scrolling down to the Test Configuration Result section.
  • Once the integration is successful, click on the Next button.

Provisioning / Synchronization

  • In STEP 3, choose the method to provision the user.

  • In Manual/On-Demand Provisioning you can manually sync the user with Azure. It also allows the provisioning of a single user as well as all of the existing users at once to Azure.
  • Click on the Configure button of the Manual/On-Demand Provisioning section
  • Under the Manual Provisioning Configuration section, check the checkbox of Create User and click on the Save button.
  • Once saved, enter the username of the Drupal user in the search field of the Sync User section and then click on the Sync button.
  • If the provisioning is successful, you will receive the success message. Alternatively, if there is an error in provisioning the user account to Azure AD, you can check the cause of the error by following the link in the error message.

Automatic Provisioning allows you to sync users with Azure AD whenever any CRUD operation is performed on them in Drupal.

Automatic Provisioning will help you provision your users using any of the following events:

  1. Admin Interface: When administrators or privileged users manually perform CRUD operations on a user’s account via the Drupal admin interface.
  2. User account change: Whenever users themselves perform CRUD operations on their own information via user/{user_id}/edit or any other custom form.
  3. 3rd Party Modules: Whenever a user entity is updated/created in the Drupal site using any third-party modules/applications or custom code.
  4. User Registration: Whenever a user creates a new account in Drupal. (/user/register)
  • Click on the Configure button of the Automatic Provisioning section.
  • Under the Automatic Provisioning Configuration section, check the checkbox of Create User and click on the Save button.
  • Now, you can try to create a new user on the Drupal site and check the logs by navigating to Reports → Recent log messages and using the user_provisioning filter.

That’s it! You have successfully provisioned the users to Azure AD (Microsoft Entra ID).

If the provisioning was not successful, please contact us at drupalsupport@xecurify.com. Please send a screenshot of the error window, and we will assist you in resolving the issue and guide you through the setup.
