Reputation: 41
Azure AD Synchronization using SCIM and Asp.Net Web-Services
I want to Sync users on an Azure AD with my DB and keep it up-to-date. I found this article that is using SCIM and C# which it is exactly what I'm looking for, but I can't understand some steps, and I made a research for an alternative ways to do it, but most of the results were referring to the same article: https://learn.microsoft.com/en-us/azure/active-directory/active-directory-scim-provisioning I tried to download the code referenced in the article, here https://github.com/Azure/AzureAD-BYOA-Provisioning-Samples/tree/master and I ran it with no errors, and I followed the steps but I reached to a dead end. My Questions are:
- is there any alternatives or this is the only way to do it?
- in the article, "To create a sample SCIM endpoint" step 7, I didn't understand why it should run like this "FileAgnt.exe http://ip-address:9000 TargetFile.csv"
- What is the "SCIM endpoint " mentioned in section "To register the sample SCIM endpoint in Azure AD" and also steps from 6 to 11 it didn't work with me.
I would really appreciate if I can have a different reference or another tutorial or a 1 2 3 steps to follow. Thanks in advance.
Upvotes: 0
Views: 1232
Answers (1)
Reputation: 18465
in the article, "To create a sample SCIM endpoint" step 7, I didn't understand why it should run like this "FileAgnt.exe http://ip-address:9000 TargetFile.csv"
I checked the tutorial you provided, the instruction does not match the relevant github sample. For the FileProvisioningAgent project, if we run the FileAgnt.exe, we may retrieve the following result:
Per my testing, you need to build the FileProvisioningService project and execute it on your Windows machine to listen at the address your specified, and output all assigned and provisioned users and groups into the CSV file.
FileSvc.exe http://<ip-address>:9000 TargetFile.csv
What is the "SCIM endpoint " mentioned in section "To register the sample SCIM endpoint in Azure AD" and also steps from 6 to 11 it didn't work with me.
Per my understanding, Azure AD would try to access the endpoint exposed by your Windows machine. And your Windows machine would listen the endpoint and receive the provisioned users from Azure AD. I have no condition to do this configuration, but you could check your SCIM endpoint could be accessed via the internet and the related port is not blocked by Windows Firewall.
is there any alternatives or this is the only way to do it?
As Automate provisioning to SCIM-enabled apps mentioned as follows:
The initial sync takes longer to perform than subsequent syncs, which occur approximately every 20 minutes as long as the service is running.
Per my understanding, you may try to build your application and use Azure AD Graph or Microsoft Graph to retrieve the users and groups, then insert / update into your DB.
Upvotes: 2
Related Questions
- Azure Active Directory Enterprise App OpenID and User Provisioning (SCIM)
- Azure AD: how to key users when using OIDC and SCIM
- SCIM endpoint. Error when testing from Azure AD
- provisioning using SCIM
- Azure AD User Provisioning with SCIM 2.0
- .NET Core and Azure Active Directory integration
- Azure AD User Sync with AD DS
- Working with windows Azure active directory
- AD Directory Programming with Azure Active Directory
- Azure to Dynamics CRM 2011: how to implement AD authentication?