Azure Active Directory Installation Guide

 This guide will walk you through how to set up single sign-on (SSO) for Egnyte using Azure Active Directory.


Add Egnyte from the Gallery

To configure the integration of Egnyte into Azure AD, you need to add Egnyte from the gallery to your list of managed SaaS apps.

To add Egnyte from the gallery, perform the following steps:

  1. In the Azure portal, on the left navigation panel, click the Azure Active Directory icon.

  2. Navigate to Enterprise applications. Then, click All applications.

  3. To add a new application, click the New application button at the top of the dialog.

  4. In the search box, type Egnyte.

  5. In the results panel, select Egnyte, and then click the Add button to add the application.

 

Configure Azure AD Single Sign-On (SSO)

In this section, we'll show you how to enable Azure AD SSO in the Azure portal and configure it in your Egnyte application.

    1. In the Azure portal, on the Egnyte application integration page, click Single sign-on.

    2. On the Single sign-on dialog, select Mode as SAML-based Sign-on to enable SSO.

    3. On the Egnyte Domain and URLs section, perform the following steps:

      a. In the Sign-on URL textbox, type a URL using the following pattern: https://<domainname>.egnyte.com
      b. Check the box for Show advanced URL settings and enter the following URL in the Identifier field: https://saml-auth.egnyte.com

    4. On the SAML Signing Certificate section, click Certificate (Base64) and then save the certificate file on your computer.

    5. Click the Save button.

    6. On the Egnyte Configuration section, click Configure Egnyte to open the Configure sign-on window. Copy the SAML Entity ID and SAML Single Sign-On Service URL from the Quick Reference section.

    7. In a different web browser window, log into Egnyte as an administrator, open the menu, and click Settings. Click the Configuration tab, and then click Security.

    8. In the Single Sign-On Authentication section, perform the following steps:

      a. Single sign-on authentication: SAML 2.0
      b. Identity provider: AzureAD
      c. Paste the SAML Single Sign-On Service URL copied from the Azure portal into the Identity provider login URL textbox.
      d. Paste the SAML Entity ID copied from the Azure portal into the Identity provider entity ID textbox.
      e. Open your Base64-encoded certificate (downloaded from the Azure portal) in Notepad, copy its content to your clipboard, and then paste it into the Identity provider certificate text box. Be sure to remove the BEGIN and END delimiter lines.
      f. Default user mapping: Email address
      g. Use domain-specific issuer value: disabled

    9. Click Save.
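
Added example (not part of the original guide, and not Egnyte or Microsoft code): a Python check for step 8e that strips the BEGIN and END lines from the downloaded Base64 certificate, confirms that exactly one certificate decodes cleanly, and computes thumbprints to compare with the signing certificate in the Azure portal before you paste. The function name, the sample bytes, and the assumption that the portal lists a thumbprint for the certificate are ours.

```python
import base64
import binascii
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S
)

# Constructed placeholder bytes shaped like a DER SEQUENCE; not a real certificate.
SAMPLE_DER = b"\x30\x0c" + b"constructed!"
SAMPLE_PEM = (
    "-----BEGIN CERTIFICATE-----\n"
    + base64.encodebytes(SAMPLE_DER).decode("ascii")
    + "-----END CERTIFICATE-----\n"
)


def prepare_idp_certificate(pem_text: str) -> dict:
    """Strip the PEM delimiters and return the paste value plus thumbprints."""
    blocks = PEM_RE.findall(pem_text)
    if len(blocks) != 1:
        raise ValueError(f"expected exactly one certificate, found {len(blocks)}")
    body = "".join(blocks[0].split())  # remove line breaks and stray whitespace
    try:
        der = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"certificate body is not valid Base64: {exc}") from exc
    # An X.509 certificate is a DER SEQUENCE, so its first byte is 0x30.
    if not der or der[0] != 0x30:
        raise ValueError("decoded data does not start with a DER SEQUENCE tag")
    return {
        "paste_value": body,
        "sha1_thumbprint": hashlib.sha1(der).hexdigest().upper(),
        "sha256_fingerprint": hashlib.sha256(der).hexdigest().upper(),
    }


if __name__ == "__main__":
    result = prepare_idp_certificate(SAMPLE_PEM)
    print("Paste into Identity provider certificate:", result["paste_value"])
    print("SHA-1 thumbprint:", result["sha1_thumbprint"])
    print("SHA-256 fingerprint:", result["sha256_fingerprint"])
```

To check a real download, pass the text of the saved certificate file to prepare_idp_certificate instead of SAMPLE_PEM.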

 

Test Azure AD SSO

In this section, you'll test Azure AD SSO with Egnyte using a test user called "Britta Simon."

For SSO to work, Azure AD needs to know which Egnyte user corresponds to each Azure AD user. In other words, a relationship between an Azure AD user and the related user in Egnyte needs to be established.

In Egnyte, assign the value of the user name in Azure AD as the value of the Username to establish the link.

To configure and test Azure AD SSO with Egnyte, you need to complete the following steps:

  1. Create an Azure AD Test User: To test Azure AD SSO with Britta Simon.
  2. Create an Egnyte Test User: To have a counterpart of Britta Simon in Egnyte that is linked to the Azure AD representation of the user.
  3. Assign the Azure AD Test User: To enable Britta Simon to use Azure AD SSO.
  4. Test Single Sign-On: To verify the configuration was set up properly.

Create an Azure AD Test User

The objective of this section is to create a test user in the Azure portal called Britta Simon.

  1. In the Azure portal, on the left navigation pane, click the Azure Active Directory icon.

  2. To display the list of users, go to Users and groups and click All users.

  3. To open the User dialog, click Add at the top of the dialog.

  4. On the User dialog page, perform the following steps:

    a. Name: BrittaSimon (without spaces)
    b. User name: Email address of BrittaSimon.
    c. Select Show Password and write down the value of the password.

  5. Click Create.

 

Create an Egnyte Test User

To enable Azure AD users to log into Egnyte, they must be provisioned in Egnyte. With Egnyte, you can manually enter your users or you can use a CSV file to import them. We'll show you how to manually add a user, but you can read more about importing users here.

  1. Log into Egnyte as an Administrator, open the menu, and click Settings. Click the Users & Groups tab, and then click Add New User.


  2. From the drop-down, select the type of user you want to add. In our example, we'll add Britta as a Power User.

  3. In the New Power User section, perform the following steps:

    a. Type the First and Last Name, Email, and Username of the Azure Active Directory account you want to provision.
    b. Authentication Type: Single Sign-On

  4. Click Save.

    Note: For existing users, find the user in the Users & Groups tab, hover over the user and click Details, and click Edit user profile. Make sure all of the details match the user in Azure Active Directory, change the Authentication type to Single Sign-On, and click Save.

Assign the Azure AD Test User

In this section, you'll enable Britta Simon to use Azure SSO.

  1. In the Azure portal, open the applications view.
  2. Navigate to the directory view, select Enterprise applications (under Manage), then click All applications.

  3. In the applications list, select Egnyte.

  4. In the menu on the left, click Users and groups.

  5. Click the + Add button. Then select Users and groups on the Add Assignment dialog.

  6. On the Users and groups dialog, select Britta Simon in the Users list.
  7. Click Select on the Users and groups dialog.
  8. Click Assign on the Add Assignment dialog.

 

Test Single Sign-On

Test the setup by having a user log in to Egnyte with their Azure AD credentials.

Note: All SSO-authenticated users will be redirected to your SSO page when attempting to log in to Egnyte.

Additional Resources

 

Egnyte Community

Want to connect with other Egnyte users and our Egnyte team? Share ideas and ask questions in our Community.