Skip to main content
Matrix42 Self-Service Help Center

AAD Data Provider Settings

Overview

The Azure Active Directory Data Provider is designed for establishing the integration between Matrix42 Software Asset & Service Management and an Azure AD server.

On this page you may find data filtering conditions and advanced settings of the Azure Active Directory Data Provider.

Go to the Administration application → Integration → Data Providers → Azure Active Directory → click Edit → open Settings view.

Settings and Filters

This section contains a number of settings grouped as follows:

010 Connector Configuration-Settings-New condition.png

Domain

Use the single selection button to select the domain for which the integration should be established.

Import Users

Indicates whether users will be imported.

User Filter

If User Filter is active you can specify a collection of conditions based on a list of supported properties for filtering to retrieve just a subset of a collection.

Supported properties

Description

Account Enabled

true if the account is enabled; otherwise, false. This property is required when a user is created.

City

The city in which the user is located.

Country

The country/region in which the user is located; for example, “US” or “UK”.

Department

The name of the department where the user works.

State

The state or province in the user's address. 

Country Code

A two-letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirements

to check for availability of services in countries. Examples include: "US", "JP", and "GB".

Display Name

The name displayed in the address book for the user.

This is usually the combination of the user's first name, middle name, and last name.

This property is required when a user is created and it cannot be cleared during updates.

Employee ID

The employee identifier assigned to the user by the organization.

First Name

The given name (first name) of the user.

Last Name

The user's surname (family name or last name).

When the Last Name is not defined, the user's Display Name is used for filling Last Name (all parts after the first name are split with whitespace and added as the last name).

Job Title

The user’s job title.

Mail

The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com".

Mail Nickname

The mail alias for the user. This property must be specified when a user is created.

On-Premises Immutable ID

This property is used to associate an on-premises Active Directory user account to their Azure AD user object.

This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user’s userPrincipalName (UPN) property.

The $ and _ characters cannot be used when specifying this property.

Other Mails

A list of additional email addresses for the user; for example: ["bob@contoso.com", "Robert@fabrikam.com"] 

Proxy Addresses

For example: ["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"]

User Principal Name (UPN)

The User Principal Name (UPN) of the user.

The UPN is an Internet-style login name for the user based on the Internet Standard RFC 822.

By convention, this should map to the user's email name. 

User Type

A string value that can be used to classify user types in your directory, such as “Member” and “Guest”.

Import Groups

Indicates whether groups will be imported.

Group Filter

If Group Filter is active you can specify a collection of conditions based on a list of supported properties for filtering to retrieve just a subset of a collection.

Supported properties

Description

Display Name

The display name for the group. This property is required when a group is created and cannot be cleared during updates.

Group Types

Specifies the group type and its membership. 

If the collection contains Unified then the group is an Office 365 group; otherwise, it's a security group. 

Mail

The SMTP address for the group.

Mail Nickname

The mail alias for the group, unique in the organization. This property must be specified when a group is created.

On-Premises Last Sync DateTime

Indicates the last time at which the group was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'

On-Premises Sync Enabled

  • true if this group is synced from an on-premises directory; 
  • false if this group was originally synced from an on-premises directory but is no longer synced; 
  • null if this object has never been synced from an on-premises directory (default).

Proxy Addresses

Email addresses for the group that direct to the same group mailbox. For example: ["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"]

Security Enabled

Specifies whether the group is a security group.

Filter conditions

To add a filter condition, follow these steps:

  • Click Add Condition.
  • Select the property you'd like to filter.
  • Select an operator.

    The following operators are supported by Azure Active Directory Graph API:

    • Equals
    • Starts With.

    The filter conditions can be combined by using the following logical operators:

    • AND
    • OR

    Creating groups of conditions is supported as well.

    Only one kind of logical operator can be defined on each level

 

  • Was this article helpful?