Page Comparison

To In order to bring the user, group and license data in your Azure AD to into Azure License Manager (ALM), where it can securely managed and monitored, you need to create a tenant for for your Azure AD in ALM.

To create

an Azure AD tenant in ALM

1. On the navbar, expand Azure License Manager and click Configuration.

   Image RemovedImage Added

2. Select the Tenants tab and then click the Add New Tenant button above the grid.

   Image RemovedImage Added

3. In the Tenant form that appears, fill in the following information:

   1. Account Store Name — Enter a name for the Azure AD tenant you are creating.

   2. App Service Url — Enter the URL for the Azure App Service. This is the base URL on the App service on the portal. EmpowerID uses this URL to make all calls to the EmpowerID SCIM microservice.

   3. Application ID — Enter the Application ID for the EmpowerID application you registered for EmpowerID in Azure AD.

   4. Tenant ID — Enter the ID of your Tenant. EmpowerID uses this to get the context for the submitting the access token that is used to inventory the resources in Azure and perform authorized CRUD operations against those resources.

   5. Auth Certificate Thumbprint — Enter the thumbprint of the certificate you uploaded for the application you registered for EmpowerID in Azure AD and added to the EmpowerID Identity Warehouse. The thumbprint ensures that whenever EmpowerID the SCIM microservice calls are made for the account store, the handshake with Azure completes and an access token is granted.

4. When ready, click Save to create the tenant.

   Image RemovedImage Added

   
   You should see the tenant in the grid.

   Image RemovedImage Added

Now that the tenant has been created, the next steps include configuring the account store and enabling EmpowerID to inventory it.

To configure account store settings

1. From the Account Stores tab of the Account Stores and Systems page, search for the account store you just created and click the Account Store link for it.

2. On the Account Store and Resource System page, click the Account Store tab and then click the pencil icon to put the account store in edit mode.

   

   
   This opens the edit page for the account store. This page allows you to specify the account proxy used to connect EmpowerID to your Azure AD as well as how you want EmpowerID to handle the user information it discovers during inventory. Settings that can be edited are described in the table below the image.