I see DRA 10 has the ability to connect to AzureAD and create users/groups etc. We use conditional access on AzureAD. How does DRA connect to the tenant using its 'service' account? Is it using a username/password, app registration or certificate?
shocko,
Here's what the docs say regarding the AzureAD Connection:
To manage Users and Groups in an Azure tenant, you need to add an Azure application in the Delegation and Configuration Console with the following permissions in order to manage objects in the tenant:
Additionally, for managing Exchange Online, you need to add a Least Privilege Account in the Delegation and Configuration Console provisioned with the following Azure Active Directory permissions:
You can find more information from the docs here: https://www.netiq.com/documentation/directory-and-resource-administrator-10/draadminguide/data/t4bpxh8ytyz4.html
Please let us know what else we can answer for you.
DRA 10.2 now adds the ability to connect to your Azure tenant using Certificate Based Authentication. We also use an Azure Application with client secret as well. Please see our DRA 10.2 documentation for additional details: www.microfocus.com/.../