Connecting on-premise MobiControl to Azure AD

Mike Shouppe
Baptist Health Care

We're looking at leveraging the new User Enrollment feature of iOS 13 and are having a tough time connecting our on-prem MobiControl instance to our Azure AD. We have followed the instructions here (https://www.soti.net/mc/help/v14.0/en/console/system/ldap/azure_authenticate_mc.html) but are confused about number 3 ("Configure permissions for the application"). In Azure, we have granted "Directory.Read.All" permissions for the app and we are fairly certain we have entered everything correctly but we cannot get it to work. When searching the directory (through the Security tab), we get "The server could not complete your request. An internal error occurred."

In the ManagementService logs it looks like it is failing while trying to acquire a token. Has anyone had similar issues? We have already synced to AD using a traditional LDAP connection, but we would like to figure out how to connect to Azure as well.

5 years ago
SOTI MobiControl
ANSWERS
KKMOD@SOTI
5 years ago

Hello Mike,

Thank you for the question. If I understood you correctly, then you are seeing errors related to the Azure API in the logs.

Can you please confirm if the following permissions were granted in the Azure portal:

Application Permissions: Read and Write devices
Application Permissions: Read and Write directory data
Application Permissions: Read directory data
Delegated Permissions: Read All Groups
Delegated Permissions: Read and Write All Groups

This should resolve all permission-related issues, if any.

If you still experience any issues, I would suggest that you open a support ticket with SOTI.