Azure API Active Directory (AD) User synchronisation enables you to connect your Azure Active Directory to your Phriendly Phishing account. When an individual is configured in your AD then they will automatically synchronise this new staff member in your Phriendly Phishing account. This document describes how to synchronise Azure AD security groups to Phriendly Phishing. This will automate the process of adding or removing users into the portal.
Note: It is required to have an Azure Active Directory tenant. You will also be required to have a security group within Azure AD that contains all users that you would like to participate in Phriendly Phishing.
There requires a change to be made by Phriendly Phishing before starting this process. Please email firstname.lastname@example.org to inform us you would like to use Azure API AD Synchronisation.
If this is not done, you will receive the below error when logging in at step 5.
How to Configure your Azure API AD User Synchronisation
1. Log into your Phriendly Phishing account and click the settings cog icon located at the top right-hand side of the portal.
2. Select on User Synchronisation.
3. Click on the Azure API radio button.
4. Click on Azure Synchronisation to expand the configuration options.
5. Click the Log in To Azure button.
Note: The minimum requirement for this account is to be assigned the Application Administrator role within your Azure environment.
6. You will now be redirected to the Microsoft login page, please choose the account that you would like to use to log in.
7. Phriendly Phishing requires permissions to be able to sync your users successfully, please read and Accept permissions.
8. Choose how often you would like Phriendly Phishing to sync with Azure AD.
9. Enter the name of the Azure AD security group that you would like to sync to your portal. It is possible to add multiple groups.
Important Things to Note:
- It is crucial to have the correct name of the group for the sync to work, if the group isn't being identified there could be a ' ' (space) at the end of a group name.
- Users from nested groups are not recognised. If you do have users in nest groups you will need to specify those groups in the configuration too.
- The AD security group name will be shown as a Segment under the Learners page.
10. Scroll down to the Search: box and tick any additional attributes that you would like to import into Phriendly Phishing.
Please note: Custom attributes cannot be synced to the Phriendly Phishing portal
11. Select your required attributes by dragging the attributes to the dashed-line boxes. Important: Select one of the options the Key attribute is an attribute in an email address format or user code (unique identifier)
We recommend using ID as the unique identifier as it will update learners if their email address changes.
12. Save your configuration by clicking Save Settings.
13. Once you have saved your configuration, you will be able to select Trigger Sync.
The sync process may take a few minutes to complete. Please refresh the page and you will be notified that the process is finished by the bell icon in the top right.
14. Now that the first sync has completed and if you have no pre-existing users within your Phriendly Phishing portal you can now safely set Azure Synchronisation to enabled.
Note: If you have pre-existing local users within the portal it is recommended that you carefully review the user synchronisation list, to do this please follow the Review Data instructions.
Note: If you are notified the process is finished and the option to enable it is still greyed out, the most common issue would be with the user group specified in the configuration. Please confirm the group name is correct.
15. Read the warning prompt message and Click OK when you are ready to proceed.
16. Review the user remove list. Click the Sync Data From Azure button.
17. Your users will now be successfully synchronised to your portal, click Finish.
1. Under Azure Synchronisation scroll down to the Preview Sample List.
2. You can now download the pending synchronisation data in CSV format.
3. The Raw data CSV file shows each Learner's email address, first name, last name, and if their email address listed is valid. It also shows the total number of Learners.
4. The Preview processed data CSV file again shows each Learner's email address, first name, last name, and whether the Learner was Added, Updated, Removed, or/and email is Invalid.
You have now successfully set up Azure API AD User Sychronisation.
Explore Phriendly Phishing's award-winning course catalogue here!