Adding a new Azure AD/Office 365 Integration Provider
What is an Integration?
An integration is a way for Administrators to connect OfficeMaps to a third-party services like Microsoft or Google, which can be used to authenticate users attempting to log in. An integration can also be configured to allow OfficeMaps to synchronize people and their data so that the people in OfficeMaps fully reflect the users and their details from the third-party system. Finally, OfficeMaps can be granted access to read and write users’ calendars, providing a way for users to view their daily activities and even create meetings through OfficeMaps.
To view Integrations, choose the Main Menu option → Preferences → Integrations.
Adding an Integration
Click the + Add New Integration button to add a new integration or click on one that has been created previously to edit or delete it.
On the next screen, choose a new integration type to add:
Microsoft 365 and Azure AD: Connects OfficeMaps to Microsoft platforms which provide support for authentication, calendars, and Microsoft Teams presence.
Exchange: Connects OfficeMaps to Exchange Server which gives access to users’ calendars.
Embrava: Connects OfficeMaps to the Embrava Desk sign in system which allows users to confirm that they have entered an office.
PointGrab: Connects OfficeMaps to the PointGrab system which automatically detects users entering an office space.
Microsoft 365 / Azure AD
Enter the information below to enable OfficeMaps to connect to Microsoft 365 / Azure AD.
Integration Label: The name of the integration so it can be easily identified within OfficeMaps.
After entering a value for the label you must save the integration before continuing. The SAVE button is visible at the bottom of the page. After this, you can continue to edit the integration details.
Authorise Azure AD Log In
Authorise OfficeMaps Web: This setting will allow all users to connect to OfficeMaps through a browser using their Microsoft credentials.
Authorise OfficeMaps Mobile: This setting will allow all users to connect to OfficeMaps through the mobile application using their Microsoft credentials.
Clicking on either of these buttons will redirect to a Microsoft dialog where an Azure AD Administrator will be able to enter their login details to confirm consent. For most instances, both of these settings would be enabled to maximise access for users.
Authorise Azure AD User Sync
User Groups: The name(s) of existing Windows Group/s to source users from. Organisational Units cannot be used for this field. If more than one group is required, separate the group names with a semicolon (e.g. Accounts;Management). During a sync, users from the named groups will be added to OfficeMaps with the role User if they do not already exist in OfficeMaps.
To ensure that the AD Sync process is fully configured, you will also need to adjust settings in Preferences → People. More information about this process is available in the later section AD Sync Settings in Preferences → People.
Make sure that you have saved your integration by clicking the SAVE button before leaving the Integration page.
Clicking the Authorise Access for AD Sync button will redirect to a Microsoft dialog where an Azure AD Administrator will be able to enter their login details to confirm consent.
It is possible to authorise Azure AD Log In permissions without using AD Sync, but all users will need to be created or
imported manually and their email address field must match their Azure AD
credentials.
Tenant Schema Extension App Client ID
OfficeMaps can read information from Azure AD to set OfficeMaps user details. Most fields can be read directly but for some fields in Azure AD (including custom fields), Administrators will need to record their Tenant Schema Extension App Client ID. The Azure AD fields that will require a value in this field are:
Initials
IP Phone (Phone Extension)
WebPage
as well as any custom field.
To get information about how to find your Tenant Schema Extension App Client ID please contact support@officemaps.com.
Enable Calendar Read Access
Setting this check box will allow OfficeMaps to display a user’s or an asset’s calendar from within the application.
Authorise Calendar Write Access
Setting this check box will allow OfficeMaps to update a user or asset's calendar when a meeting is created from within the application. Clicking the Authorise Access for Calendar button will redirect to a Microsoft dialog where an Azure AD Administrator will be able to enter their login details to confirm consent.
Authorise Teams Presence Read Access
Administrators can enable OfficeMaps to read information about users' Microsoft Teams presence through the Azure AD integration. To set this up, enter the username and password of an Azure AD service account that will be used to check users' presence. This account must not have multi-factor authentication (MFA) enabled.
AD Sync Settings in People → Preferences
Additional settings are required to finalise configuration of the Azure AD Synchronisation. To view these settings, choose the Main Menu option → Preferences → People.
If using Azure AD to add people to OfficeMaps, select the third option in the section How Are New People Added? This will ensure that the default Azure AD integration is used to add new users to OfficeMaps.
Additional settings can control the behaviour of the AD Sync process when a user's Azure AD account is disabled or when users are removed from the User Group(s). Choose the options that meet your organisation's requirements:
- Users in OfficeMaps who are members of the named User Group(s) will have their role set to Disabled / Non User if their Azure AD account is disabled.
- Users in OfficeMaps who are removed from the named User Group(s) will have their role set to Disabled / Non User.
It is also possible to control the behaviour of the AD Sync process if an existing OfficeMaps Non-User / Disabled account is re-enabled in Azure AD.
- Non-User or Disabled Users in OfficeMaps can be re-enabled if their membership of the named User Group(s) is restored.
The final setting is disabled by default.
If changes to User Groups would mean that either more than 50 users or 10% of an instance are disabled in OfficeMaps during a sync, the synchronisation operation will fail. This prevents accidental disabling of multiple accounts. To allow synchronisation to disable any number of users, please contact support@officemaps.com to lift this security check.
By default, the AD Synchronisation will only occur when run manually. Further down the Preferences → People page, the Synchronization setting allows you to perform an AD Sync every night so that OfficeMaps user membership can be maintained automatically. Most instances that have created an Azure AD /Office 365 integration will enable this setting.
To perform an AD Sync manually, choose the Main Menu option → People page. From here, select Actions and choose Sync People From AD (excluding profile pictures) or Sync People from From AD (including profile pictures). An AD Sync that includes profile pictures will take longer.
Related Articles
Adding an Exchange Server Integration Provider
Exchange Server integration provides access to calendars for meeting rooms and also people, if it is specified as the default provider. To add a new Exchange Server Integration Provider, choose the menu option Preferences -> Integrations. Adding an ...Adding the Embrava Integration Provider
Before configuring the Integration, you will first need to obtain your OrganizationID and Secret Key from Embrava. Setup the Embrava Integration Click on the main OfficeMaps menu and select Preferences. From the Menu, select Integrations. Click the ...Configuring Azure AD for self-hosted OfficeMaps
This article is intended to provide network administrators with the steps required to enable Azure AD to integrate with self-hosted OfficeMaps. IMPORTANT: THIS ARTICLE IS ONLY FOR ON-PREMISE INSTANCES. DO NOT COMPLETE ANY OF THESE STEPS IF YOUR ...Step 3: Adding People to OfficeMaps
There are 3 ways to add people to OfficeMaps: First: Manually via the browser interface. This allows you to edit users via the browser. Useful for adding/editing/removing small numbers of users. Users created this way are managed in OfficeMaps. ...Sync People from AD
Please ensure the steps required have been done prior to attempting to run Ad Sync. For Azure Ad/ Office 365, Setup the Integration Provider . (including setting How are new people added). For AD (on premise) - Open the main menu and choose ...