Azure Active DirectoryAzure Active Directory is an easy to use solution which lets you provide single sign-on (SSO) access to thousands of cloud SaaS Applications.

This guide explains how to integrate Azure AD with the Comodo One and Dragon platforms. The guide uses screenshots from the C1 portal for illustration purposes, but the instructions apply equally to two platforms.

• Prepare the Azure Portal

• Configure your Account for Azure

• How to find the 'Tenant Name'

• Add Groups and Users to Azure Active Directory

• Create an Azure AD Account in your Portal

• The 'Azure Active Directories' Interface

• View Active Directory Details

• Manually Synchronize User Groups from Azure Active Directory

Prepare the Azure Portal

1. Sign in to Azure Active Directory

a) If you already have a Microsoft account with Azure Active Directory rights, go to:https://portal.azure.com/

b) If you have a Microsoft account but don't have Azure Active Directory rights, go to: https://azure.microsoft.com/en-gb/trial/get-started-active-directory/

b.1) Click the enable now buttonb.2) Login to your accountb.3) Choose "Sign up for Microsoft Azure"b.4) Enter required info to register (If you are creating a test account create a virtual credit card to

Sign Up)

2. Click "Azure Active Directory" in the Azure portal

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 1

Azure Active Directory (Azure AD)

3. You can add users and user groups from Azure Active Directory menu. Click here if you want more help with this.

• Note - Only users in a group are synced and displayed in the C1/Dragon Portal.

Configure your Account for Azure After the Azure portal is prepared, you should integrate the Azure AD account with your Comodo One/Dragon account.

• Login to your C1/Dragon account at http://one.comodo.com

• Click 'Management' then 'Azure Active Directory'

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 2

Azure Active Directory (Azure AD)

• Click the 'New Azure Active Directory' button to start the integration wizard

• The wizard requires you to enter your tenant name, select customers and add AD groups for your customers. See 'Create an Azure AD Account in your Portal' for more information.

See the explanation below to find the tenant name.

How to Find the Tenant Name

• Log in to your Azure portal

• Click 'Azure Active Directory' on the left then 'Overview'

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 3

Azure Active Directory (Azure AD)

The tenant name is displayed below your Azure account name.

Add Groups and Users to Azure Active DirectoryAll group and user operations can be reached on the Azure Active Directory main page.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 4

Azure Active Directory (Azure AD)

• Users need to be a member of a group in Azure if you want to import them to C1/Dragon. Therefore, if you want to sync your users, assign them to a group on Azure. The assign operation can be managed through both groups and users.

• You can add any group with a name of your choice.

• To add a user, you need to define a name and user name.

Field Name Type

Name Alphanumeric.

User Name In mail format, domain is set as the Azure domainName. See screenshot below.

A password is created for each user on the user creation page.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 5

Azure Active Directory (Azure AD)

Create an Azure AD Account in your Portal

Note - You must already have an Azure AD account in the Microsoft portal before you can add Azure to C1/Dragon.

Add an Azure AD account to C1/Dragon

• Click 'Management', then 'Azure Active Directory'

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 6

Azure Active Directory (Azure AD)

The 'Azure Active Directories' interface opens:

• Click 'New Azure Active Directory' button at the top

• The 'New Azure Active Directory' wizard starts:

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 7

Azure Active Directory (Azure AD)

Step 1 – Configure Azure Active Directory Settings

• Tenant - Enter your Azure Active Directory domain name. The Azure AD domain name is found in the Azureportal. See How to find the tenant name if you can’t find it.

• Click 'Next Step'

• You are taken to the Azure portal. Provide your Azure account credentials and click 'Sign in'.

• After successful Azure account validation, configure the synchronization settings in Step 2.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 8

Azure Active Directory (Azure AD)

Step 2 - Synchronization Settings

• Customer Type - Choose the customer type you want.

• Single Customer - All AD user groups are synchronized to the same C1/Dragon customer.

• Multi Customer - AD groups can be synchronized to different C1/Dragon Customers.

• Customer - This is available if 'Single Customer' is selected. Select the company with whom the Azure AD should be synchronized.

• Enable Azure Active Directory Synchronization - Select when the synchronization process should take place. All future syncs will take place at this time.

Click 'Next Step' to continue.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 9

Azure Active Directory (Azure AD)

Step 3 – Finish

• The final screen shows all user groups defined in AD. You need to choose which groups you want to import and what role you want to give users imported from a particular group.

• Role Selection - Choose the C1/Dragon role you want to assign to users imported from the group. Note: The 'End User' role (default) is not defined in Azure AD. Users enrolled as 'End User' will be added to Service Desk as end users.

• Sync Status: 'Enable' - Imports users from the group after you click 'Synchronize Now'

'Disable' - Does not import users from the group after you click 'Synchronize Now'

• Click 'Synchronize Now' to start the initial import process.

• Click 'OK' on the confirmation alert

• Your AD account is added to C1/Dragon and users from selected user groups are imported. C1/Dragon will

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 10

Azure Active Directory (Azure AD)

periodically synchronize with AD to update user lists.

The Azure Active Directories Interface• Click 'Management' then 'Azure Active Directory' to view this interface

• The Azure active directories interface shows all Azure accounts added to C1/Dragon

• You can also edit account details and initiate manual synchronization with a selected AD account.

Azure Active Directories - Column Descriptions

Column Header Description

Tenant Your Azure Active Directory domain name.

• Click the domain name to open the 'Azure Active Directory Details' interface of the AD account

The details interface allows you to view account details and list of users/user groups. You can also edit group settings. See View Active Directory Details for more details.

Status Whether or not the AD account is enabled to import user groups to C1/Dragon.

Sync Status Whether or not the sync is complete or in-progress.

Last Sync Date Date and time of the most-recent synchronization.

Creation Date Date and time the account was added to Azure AD.

Update Date Date and time of last update to account details.

• Click any column header to sort items in ascending or descending order of entries in that column

Edit an AD account

• Select the account and click 'Edit' at the top

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 11

Azure Active Directory (Azure AD)

• The 'Edit Azure Active Directory' dialog opens.

• Enable Azure Active Directory Synchronization - Update Azure AD synchronization status. If enabled, select when the synchronization process should take place. All future syncs takes place at this time.

Remove an AD account

• Select the account and click the 'Delete' button at the top.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 12

Azure Active Directory (Azure AD)

View Active Directory Details• Active directory details lets you view AD domain name, users/user groups, and other details about your AD

account.

• You can also change the role assigned to a group.

View the details of an AD account

• Click 'Management' then 'Azure Active Directory'

• Click the domain name of an AD account in the 'Tenant' column

This opens the details interface, which shows all Azure user groups added to C1/Dragon:

Active Directory User Groups - Column Descriptions

Column Header Description

Group Name The name of the user group.

• Click the group name to view users in the group. See View Users in a Group for more details.

• 'Not Editable' means that it is already in use by another MSP account. To makeit editable, disable or remove it from the other MSP account.

Role • The role (other than 'End User' and 'Account Admin' roles) assigned to users inthe group.

• 'End User' is the default role (not available in C1/Dragon). 'Account Admin' role is not applicable.

• You can change the role by editing the group. See Edit a User Group for moredetails.

Synchronization Shows whether or not C1/Dragon will sync with Azure to update user roster and user details.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 13

Azure Active Directory (Azure AD)

Account Contact Email The email address of the admin responsible for the AD account in Azure.

Customer The customer company to which the user group is assigned.

Sync Status The progress of the last synchronization operation.

Last Sync Date Date and time of the last synchronization between C1/Dragon and Azure AD.

View Users in a User Group

• Click 'Management' > 'Azure Active Directory'

• Click the domain name of an AD account in the 'Tenant' column

• Click on the group whose users you want to view:

All users in the group are listed. User details include their email address, synchronization status, account status and their last login date.

Edit a User Group

• Select a user group and click 'Edit' at the top

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 14

Azure Active Directory (Azure AD)

Edit Active Directory User Group - Form Parameters

Form Element Description

Role • Select the role you want to assign to the group.

• Users assigned 'End User' role will be added as end users in Service Desk andcannot access C1/Dragon.

Tip: You can revert the roles to their Azure originals by clicking 'Set Default Role'

Synchronized Enable or disable synchronization of user list from this group to Comodo One/Dragon portal.

Customer Select the customer company for which the users from this group are to be imported into

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 15

Azure Active Directory (Azure AD)

Comodo One/Dragon.

• Click 'Save'.

Manually Synchronize User Groups from Azure Active Directory

• Comodo One/Dragon periodically synchronizes with Azure to update imported user groups. Synchronizationensures any changes to the user database in AD are reflected in the portal.

• You can also manually synchronize at any time. This is useful if there have been a recent changes to the AD user list.

Manually synchronize

• Click 'Management' then 'Azure Active Directory'.

• Select the target Azure accounts then click 'Synchronize':

• Click 'OK' in the confirmation dialog

The synchronization starts. You can see the progress in the 'Sync Status' column.

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 16

Azure Active Directory (Azure AD)

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 17

Azure Active Directory (Azure AD)

About Comodo Security SolutionsComodo Security Solutions is a global innovator of cybersecurity solutions, protecting critical information across the digital landscape. Comodo provides complete, end-to-end security solutions across the boundary, internal network and endpoint with innovative technologies solving the most advanced malware threats. With over 80 million installations of its threat prevention products, Comodo provides an extensive suite of endpoint, website and network security products for MSPs, enterprises and consumers.

Continual innovation and a commitment to reversing the growth of zero-day malware, ransomware, data-breaches and internet-crime distinguish Comodo Security Solutions as a vital player in today's enterprise and home security markets.

About Comodo CybersecurityIn a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally. For more information, visit comodo.com or our blog. You can also follow us on Twitter (@ComodoDesktop) or LinkedIn.

1255 Broad Street

Clifton, NJ 07013

United States

Tel : +1.877.712.1309

Tel : +1.888.551.1531

https://www.comodo.com

Email: EnterpriseSolutions@Comodo.com

Azure Active Directory Synchronization | © 2020 Comodo Security Solutions | All rights reserved 18

Azure Active Directory (Azure AD)