search

snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0
10.91k stars 3.15k forks source link

[Feature Request]: Sync with ENTRA ID AD #15574

Open ahmed205 opened 19 hours ago

ahmed205 commented 19 hours ago

Is your feature request related to a problem? Please describe.

i wonder if there a way to sync the active directory like LDAP with ENTRA ID.

Describe the solution you'd like

if we can use Microsoft Graph it will be great.

Describe alternatives you've considered

No response

Additional context

No response

welcome[bot] commented 19 hours ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

snipe commented 15 hours ago

We have a lot of customers using Azure/Entra.

https://snipe-it.readme.io/docs/hosted-ldap-providers

https://learn.microsoft.com/en-us/entra/identity/domain-services/tutorial-configure-ldaps

The other option to sync user accounts would be SCIM.

Take a look at the following link: https://snipe-it.readme.io/docs/scim

The documentation really carries by provider to provider, as SCIM is just a protocol.

The big piece that you'll need is to generate an API token on your Snipe-IT instance, as a Super-User.

https://developer.interactsoftware.com/docs/connecting-to-azure-with-scim-v20 Take a look at the following link: https://snipe-it.readme.io/docs/scim The documentation really carries by provider to provider, as SCIM is just a protocol.

The big piece that you'll need is to generate an API token on your Snipe-IT instance, as a Super-User.

https://developer.interactsoftware.com/docs/connecting-to-azure-with-scim-v20

Snipe-IT Documentation
Hosted LDAP Providers
Azure Active Directory Your Azure AD needs to have LDAP enabled, and password hash synchronization enabled, and it needs to be accessible to the server running Snipe-IT on port 389 and/or 636. Microsoft's documentation on LDAP is here: https://docs.microsoft.com/en-us/azure/active-directory-domain-s...
Tutorial - Configure LDAPS for Microsoft Entra Domain Services - Microsoft Entra ID
In this tutorial, you learn how to configure secure lightweight directory access protocol (LDAPS) for a Microsoft Entra Domain Services managed domain.
Snipe-IT Documentation
SCIM
To enable SCIM support, you first need to generate an API key for a Superuser. As a superuser, go to the user menu near the upper-right, and choose "Manage API keys." Click "Create New Token." Copy the token and paste that in as a "Bearer Token" on your SCIM client's configuration pages. Sometimes t...
Interact
Azure AD
Azure AD supports User and Group provisioning via SCIM v2.0 for the Azure Enterprise Apps. Microsoft also offers rich documentation on this topic here: https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/user-provisioning Setup The fIrst step, is to create an Enterprise App Regi...
ivenemark commented 8 hours ago

If I may, I was successful in connecting Azure and my SnipeIT instance. It was really easy to setup - just follow the guidelines in SnipeIT docs and Microsoft's.

Currently, my next problem is provisioning is successful but I can't see users being sync to my Snipe IT. Anyone has encountered this issue too? Using v7.0.13 on Ubuntu 20.04