Configuring Azure AD for self-hosted OfficeMaps


This article is intended to provide network administrators with the steps required to enable Azure AD to integrate with self-hosted OfficeMaps.

IMPORTANT: THIS ARTICLE IS ONLY FOR ON-PREMISE INSTANCES. DO NOT COMPLETE ANY OF THESE STEPS IF YOUR INSTANCE IS HOSTED IN AWS.

NOTE: Azure AD can only integrate with secured (https) websites. If your self-hosted instance is running on http, it will need to be changed to https before continuing.

Steps

1. Register Application

1.1. Open the Microsoft Azure Portal, select the Azure Active Directory option and then choose App Registrations.

  

1.2. Click New application registration and enter any value for the Name field (in our example, OfficeMaps).

 



  

1.3. The OfficeMaps application will now be registered. Select the new application and record the Application/Client ID which will be used later in this process.

  

 

2. Azure AD Permissions

2.1. Choose the option API Permissions, then click Add a permission.

 

2.2. Scroll to the very bottom and select Azure Active Directory Graph.

2.3. Click Application Permissions.

2.4. Expand Directory, and select Directory.Read.All.

2.5. Click Add permissions to save.

3. Microsoft Graph Permissions

3.1. Click Add a permission again.

3.2. Select Microsoft Graph.

  
3.3. Click Application Permissions

3.4. If you want to allow access to Calendar data, expand Calendars and select Calendars.Read


3.5. Expand Group and select Group.Read.All

3.6. Expand User, and select User.Read.All

3.7. Once complete, click Add permissions.

The permissions should look similar to below.




3.8. Click Grant Consent.



4. Client/Application Secret

4.1. Select Certificates and Secrets, then click New client secret.

4.2. Add a name and select an Expiry. Note: if the expiry is 1 or 2 years, a new secret will need to be created before it expires, otherwise AD Sync will stop working (the ability to log in will continue working).

4.3. Click Add.

 

4.4. When you click Save, it is essential to manually record the key in Notepad or some other program, as it is only displayed once.


5. Authentication - Redirect URIs

Note: Redirect URIs must be https; Microsoft does not allow http addresses to be entered.
Currently Microsoft rules


Redirect URIs to enter
Logout Url

Hosted Sites 
US  - us.officemaps.com
Europe  - uk.officemaps.com
AU/NZ - app.officemaps.com

Substitute {your_officemaps_web_url} with the relevant URI, e.g. for US, us.officemaps.com.
Redirect URIs
5.1. Enter your specific redirect URIs into the following section.
       Type: Web, then URI.
5.2. Enter your specific Logout URL.


5.3.  Tick ID Tokens.
5.4. Select Accounts in this organizational directory only.

5.5. Click Save on the top page bar.





6. Create an Azure AD Group
This step is only required if you do not already have a group to use.
To allow users to be added automatically or synchronised through an Azure Active Directory group, the group must be specified in OfficeMaps.
If your site does not have a suitable Active Directory group yet, one can be created in one of two ways. If OfficeMaps is an on-premise installation, this can be performed through Active Directory. Otherwise, this step can be completed by using the Azure Portal as detailed below.

6.1. In the Azure Active Directory admin center, navigate to Azure Active Directory, then search for or select Groups.

 

6.2. Click New Group.



 

6.3. Enter details for the group and choose the Membership type Assigned. Choose members and add them to the group, then click Create. Take a note of the Group Name; like the key, this value will be used to set up synchronising in OfficeMaps.

 


 


7. You will need the following information to configure the OfficeMaps application itself:
a. The Application ID recorded in Step 1.3.
b. The Application Key recorded in Step 4.4.
c. The AD security group which will be used by OfficeMaps for synchronising.
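
The settings chosen in steps 4 and 5 can be re-checked later against a saved copy of the app registration. The script below is an added example, not part of the original article or of OfficeMaps. It assumes the registration has been exported as JSON in the shape of the Microsoft Graph application object, and the sample host names, paths and dates are constructed.

```python
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import urlparse

# Constructed sample shaped like a Microsoft Graph "application" object;
# host names, paths and dates are made up for illustration.
SAMPLE = json.loads("""{
  "signInAudience": "AzureADMultipleOrgs",
  "web": {
    "redirectUris": ["https://officemaps.example.com/signin", "http://localhost:8080/signin"],
    "logoutUrl": "https://officemaps.example.com/logout",
    "implicitGrantSettings": {"enableIdTokenIssuance": false}
  },
  "passwordCredentials": [{"displayName": "ad-sync", "endDateTime": "2025-02-01T00:00:00Z"}]
}""")

def parse_utc(stamp):
    # Graph timestamps are UTC; keep whole seconds, drop fractions and "Z".
    return datetime.strptime(stamp[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def audit(app, now, warn_days=30):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if app.get("signInAudience") != "AzureADMyOrg":  # step 5.4
        findings.append("sign-in audience is not limited to this directory")
    web = app.get("web") or {}
    urls = list(web.get("redirectUris") or [])
    if web.get("logoutUrl"):
        urls.append(web["logoutUrl"])
    for url in urls:  # section 5: https only
        if urlparse(url).scheme.lower() != "https":
            findings.append(f"non-https URL registered: {url}")
    if not (web.get("implicitGrantSettings") or {}).get("enableIdTokenIssuance"):
        findings.append("ID tokens are not enabled")  # step 5.3
    secrets = app.get("passwordCredentials") or []
    if not secrets:
        findings.append("no client secret present")
    for secret in secrets:  # step 4.2: AD Sync stops when the secret expires
        name = secret.get("displayName") or "(unnamed)"
        left = parse_utc(secret["endDateTime"]) - now
        if left <= timedelta(0):
            findings.append(f"client secret '{name}' has expired")
        elif left <= timedelta(days=warn_days):
            findings.append(f"client secret '{name}' expires in {left.days} days")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, datetime.now(timezone.utc)):
        print(finding)
```

Running it on a schedule with a warning window longer than your change-approval lead time gives notice before the secret from step 4.2 lapses.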



