Using Azure AD
The admin can follow the below steps to configure Multi-User Profile in SureLock with Azure AD:
1. Access SureLock Admin Settings.
2. On the Admin Settings screen, tap Multi-User Profile Settings.
3. On the Multi-User Profile Settings screen, tap Server Configuration.
4. Select Azure AD as a server from the drop-down menu.
The admin needs to have an active Azure account with users created.
5. Enter the Client ID and Tenant ID (fetched from the Azure AD portal).
6. Enter the Profile Meta Tag.
- In LDAP or Azure AD, meta tags typically refer to metadata or additional labels used to describe, classify, or provide extra context for directory entries, making them easier to organize and manage. For example, if a meta tag such as Department=Finance is added to user entries, the tag Department can be specified in the Profile Meta Tag field. A profile named Finance can then be created under Profile Management. When a user assigned to the Finance department logs in, they will automatically gain access to the apps and configurations associated with the Finance profile *
7. Enable/disable the Revoke Access When No Meta Tag/Profile is Found:
I. Enable - Enable this option if the Profile Meta Tag Key is not available for the user to prevent the user from logging in.
II. Disable - Disable this option if the Profile Meta Tag Key is not available for the user to apply the Default Profile to the device.
8. Enable/disable the Single Sign-On:
I. Enable - Enable this option requires the Microsoft Authenticator application for authentication. Admins should install and allow the Microsoft Authenticator in SureLock before proceeding.
II. Disable - Multi-user authentication will take place in SureLock’s WebView. SureLock displays the Azure AD login page in its own WebView.
9. Once all the required data is entered, click Validate.
10. Tap Validate to enter user credentials and authenticate the server details. Then save the server configuration on successful validation.