Skip to main content

Active Directory (AD)

SureMDM offers an Active Directory (AD) sync tool that streamlines the management of groups, making it more convenient and efficient. By using this tool, IT administrators can save time and avoid the hassle of manually creating groups.

note
  • SureMDM AD Connect is a Windows tool developed by 42Gears to enable sync between the AD server and the SureMDM Console.
  • Please download and keep the SureMDM AD connect tool handy.
  • The same can be obtained by reaching out to 42Gears technical support.

To create and sync the groups that are created on the AD server to the SureMDM console, follow the steps given under the respective topics:

  • Enable AD Integration
  • SureMDM AD Connect Tool

Enable AD Integration

To enable AD integration and fetch the details from the SureMDM console, follow these steps:

  1. Log in to the SureMDM Console.

  2. Navigate to Settings >  Account Settings > Enterprise Integration > AD Integration > Enable AD Integration (Check the box).

  3. The following details displays in the respective fields:

  • Sync – This enables SureMDM to sync the group data available in the AD server in real time.
  • Server Path – This parameter is predefined in the SureMDM console and needs to be used over AD Connector.
  • API Key – This parameter is predefined in the SureMDM console and needs to be used over AD Connector
  • Save – This option is to save the above-defined settings on the SureMDM console.

SureMDM AD Connect Tool

After downloading and installing the AD Connect tool on the Windows machine, update the below-mentioned fields:

note

All the fields in the SureMDM AD Connect tool are mandatory.

  1. Go to the SureMDM AD Connect tool and enter Server Path – Provided with the SureMDM console URL(DNS). The server path will be mentioned in the MDM console.

  2. Customer ID (Account ID) – Navigate to SureMDM console> Settings > Account ID.

  3. API Key can be found under SureMDM console >Account Settings> Enterprise Integrations> AD Integration. Please refer to the first screenshot for future reference. 

  4. AD Server address – Active Directory Server IP or DNS.

  5. Username/Password – Username/Password of the AD server.

note
  • The “Test” connection option is available to check the connectivity with the AD Server.
  • Add and Delete buttons are used to add/remove OU’s. The OUs are validated before adding.
  1. Add OU’s – the list of OU’s to be synced with SureMDM and then click Apply \& Start. 
note

Click here Wto find out how to obtain the necessary OUs.

  1. Once the users are synced, go to the SureMDM console home page and refresh to view the newly created groups and the AD users in Settings > Account Settings > Enterprise Integration  > AD Integration > AD Users.
  • AD Users screen

  1. Now, configure OAuth Authentication in the SureMDM console. To learn how to configure it, click here.

  2. Once the OAuth configuration is complete, the user can proceed to enroll the device using the specific Account ID and Server Path. This enrollment automatically assigns the user/device to a specific group in the SureMDM console.

note

When registering the device, the user must enter their authentication details, which include their username and password. These details must match the ones used to add the user to the designated group in the AD connector tool.