Skip to main content

Azure AD configuration (new interface)

François

As the group manager, you can configure Nomadesk, so that your managed users will have to authenticate to Microsoft Azure Active Directory, instead of using 'Nomadesk' (Email and password) authentication.

Keep in mind, that once you enable this, all the users in your managed group must have an Azure AD account, that has the same email address as they do on Nomadesk. 

NOTE: when Azure AD is enable you are NOT able to log in offline, as the verification happens via Azure AD, which can't be done when offline.

Doing this requires some configuration in both Nomadesk (SAML settings), and your Azure AD.

1. login at https://manage.windowsazure.com

1.jpg

2. go to active directory

3. go to App registrations -> select New application registration

2.jpg

4. fill out the requested information and click create 

  • Name = Nomadesk
  • Application type = Web app / API
  • Sign-on URL = https://mynomadesk.com

5. under App registrations go to Endpoints

3.jpg

6. copy the Federation Metadata Document URL

5.jpg

7. go to myNomadesk.com (login with the group manager account)

8. go to Manage -> Group Settings -> Security Settings -> SAML

4.jpg

9. paste the Federation metadata URL from step in the Identity provider metadata URL, click save and confirm

6.jpg

10. copy the Federation metadata URL that you get after step 9

8.jpg

11. go back to the Azure AD portal -> Active Directory -> App registrations -> select the Nomadesk app

9.jpg

12. go to keys -> fill out Nomadesk -> set the preferred expiry -> click Save

10.jpg

13. visit the URL from step 10 and download the file

14. open the file with a texeditor and copy the "SAML:2.0:bindings:HTTP-POST"-url

15. go to Reply URLs -> remove the pre-filled one there -> paste the "SAML:2.0:bindings:HTTP-POST"-url and click save  (don't just copy paste the URL from step 10, but open it in a browser and downloaden the file to view its content)

11.jpg

16. go to Properties -> paste the Federation Metadata URL from step 10 in the App ID URL -> save

app_id_URL.jpg

17. go to myNomadesk.com and log in -> you'll get an error message -> copy the link after reply address

12.jpg

18. go back to the Azure AD portal -> Active Directory -> App registrations -> select the Nomadesk app -> Reply URLs

19. paste the URL from the error from step 15 in the reply URLs

20. you can now log in correctly at myNomadesk.com

Related articles

Comments

0 comments

Please sign in to leave a comment.