search

snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0
11.12k stars 3.19k forks source link

[Feature Request]: Sync with ENTRA ID AD #15574

Open ahmed205 opened 1 month ago

ahmed205 commented 1 month ago

Is your feature request related to a problem? Please describe.

i wonder if there a way to sync the active directory like LDAP with ENTRA ID.

Describe the solution you'd like

if we can use Microsoft Graph it will be great.

Describe alternatives you've considered

No response

Additional context

No response

welcome[bot] commented 1 month ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

snipe commented 1 month ago

We have a lot of customers using Azure/Entra.

https://snipe-it.readme.io/docs/hosted-ldap-providers

https://learn.microsoft.com/en-us/entra/identity/domain-services/tutorial-configure-ldaps

The other option to sync user accounts would be SCIM.

Take a look at the following link: https://snipe-it.readme.io/docs/scim

The documentation really carries by provider to provider, as SCIM is just a protocol.

The big piece that you'll need is to generate an API token on your Snipe-IT instance, as a Super-User.

https://developer.interactsoftware.com/docs/connecting-to-azure-with-scim-v20 Take a look at the following link: https://snipe-it.readme.io/docs/scim The documentation really carries by provider to provider, as SCIM is just a protocol.

The big piece that you'll need is to generate an API token on your Snipe-IT instance, as a Super-User.

https://developer.interactsoftware.com/docs/connecting-to-azure-with-scim-v20

Snipe-IT Documentation
Hosted LDAP Providers
Azure Active Directory Your Azure AD needs to have LDAP enabled, and password hash synchronization enabled, and it needs to be accessible to the server running Snipe-IT on port 389 and/or 636. Microsoft's documentation on LDAP is here: https://docs.microsoft.com/en-us/azure/active-directory-domain-s...
Tutorial - Configure LDAPS for Microsoft Entra Domain Services - Microsoft Entra ID
In this tutorial, you learn how to configure secure lightweight directory access protocol (LDAPS) for a Microsoft Entra Domain Services managed domain.
Snipe-IT Documentation
SCIM
To enable SCIM support, you first need to generate an API key for a Superuser. As a superuser, go to the user menu near the upper-right, and choose "Manage API keys." Click "Create New Token." Copy the token and paste that in as a "Bearer Token" on your SCIM client's configuration pages. Sometimes t...
Interact
Azure AD
Azure AD supports User and Group provisioning via SCIM v2.0 for the Azure Enterprise Apps. Microsoft also offers rich documentation on this topic here: https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/user-provisioning Setup The fIrst step, is to create an Enterprise App Regi...
ivenemark commented 1 month ago

If I may, I was successful in connecting Azure and my SnipeIT instance. It was really easy to setup - just follow the guidelines in SnipeIT docs and Microsoft's.

Currently, my next problem is provisioning is successful but I can't see users being sync to my Snipe IT. Anyone has encountered this issue too? Using v7.0.13 on Ubuntu 20.04