Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Other Forums
- Additional Discussions
- SCIM-Based User Provisioning with Azure Active Dir...
SCIM-Based User Provisioning with Azure Active Directory Free
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-24-2022
02:26 AM
- last edited on
02-24-2022
11:29 AM
by
kh_jenn
Hello,
I'm looking to add groups with Azure Active Directory Free.
The users are well synchronized but not the groups. Is it mandatory to upgrade to Azure Active Directory P1 for this feature?
Thank you
Regards,
Solved! Go to Solution.
- Labels:
-
Azure
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-24-2022 10:03 AM
Hi, this looks to be a MS limitation, see https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-port....
The third paragraph states the following:
Group-based assignment requires Azure Active Directory Premium P1 or P2 edition. Group-based assignment is supported for Security groups only. Nested group memberships and Microsoft 365 groups are not currently supported. For more licensing requirements for the features discussed in this article, see the Azure Active Directory pricing page.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-24-2022 07:02 AM
Did you add the groups to the Netskope SCIM Enterprise Application? Do the provisioning logs tell you anything?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-24-2022 08:51 AM - edited 02-24-2022 10:52 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-24-2022 10:03 AM
Hi, this looks to be a MS limitation, see https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-port....
The third paragraph states the following:
Group-based assignment requires Azure Active Directory Premium P1 or P2 edition. Group-based assignment is supported for Security groups only. Nested group memberships and Microsoft 365 groups are not currently supported. For more licensing requirements for the features discussed in this article, see the Azure Active Directory pricing page.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-04-2022 12:53 AM
You can always use postman to create the groups and add the users to the groups, not optimal but if this is just for testing purposes it will work
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Secure Hybrid Access with Azure Active Directory (AAD) and Netskope in Additional Discussions
- User Provisioning and Client Rollout Tips: Can I sync all users at once? in Additional Discussions
- SSL certs for Cloud Exchange using Let’s Encrypt in Additional Discussions
- Provisioning Users and Groups from Office 365 to Netskope/Policies based on Groups Users Office 365 in Additional Discussions
- Netskope Cloud Risk Exchange and CrowdStrike ZTA in Additional Discussions
-
cloud exchange
11 -
DLP
10 -
Threat Protection
5 -
sdwan
4 -
SASE
3 -
Advanced Analytics
3 -
ipsec
3 -
cloud threat exchange
3 -
IaaS
3 -
MacOS
3 -
SupportPoral
3 -
vpn
2 -
Proxy
2 -
on-prem
2 -
Community Forum
2 -
SWG
2 -
Azure
2 -
ztna
2 -
API
2 -
NPA
2 -
client update
2 -
publisher
2 -
steering
2 -
NG-SWG
2 -
SCIM
2 -
technology partner
2 -
SAML
2 -
Azure AD
2 -
best practice
2 -
Community Resources
2 -
Cloud & Threat Challenges
2 -
Rest API
2 -
advanced analytics custom
1 -
Netskope Community
1 -
Based-Group
1 -
proxy configurations
1 -
watermark
1 -
cisco
1 -
MIP
1 -
Authentication
1 -
Active Directory
1 -
regex
1 -
Based-Users
1 -
explicit proxy over IPSec
1 -
crowdstrike
1 -
SIEM Integration
1 -
Adapters
1 -
HELP!
1 -
Infrastructure as Code (IaC)
1 -
meraki
1 -
Email DLP
1 -
Netskope Agent
1 -
RBI
1 -
On-Premise Detection
1 -
Microsoft Sentinel
1 -
SupportPortal
1 -
cloud app
1 -
coexistence
1 -
SSPM
1 -
Remote access
1 -
traffic routing
1 -
OVF-OVA
1 -
interoperability
1 -
ServiceNow
1 -
voip
1 -
Home-office
1 -
traffic steering
1 -
Linux based
1 -
Webinar
1 -
restriction
1 -
GRE
1 -
install
1 -
roadmap
1 -
remote workers
1 -
Virtual Machines
1 -
HA
1 -
Machine Learning
1 -
option
1 -
tunnel
1 -
single mode
1 -
Netskope Private Access
1 -
Groups
1 -
Azure Virtual Desktop
1 -
PROD
1 -
AI
1 -
OSX
1 -
Client
1 -
multi-user mode
1 -
APIv2
1 -
Provisionning
1 -
Windows 365 Desktop
1 -
scim query postman
1 -
integration
1 -
Support
1 -
Verizon
1 -
User Defined Route (UDR)
1 -
ChangeManagement
1 -
certificate error
1 -
Macintosh
1 -
beta
1 -
DBIR
1 -
Office365
1 -
Internet next hop type
1 -
Workflow
1 -
Forensic File Storage
1 -
steer traffic
1 -
NSClient
1 -
netskope client
1 -
IDP
1 -
Rest API to fetch the Users from NetSkope
1 -
AD
1 -
hub-and-spoke model
1 -
Business Rule
1 -
DLP Violation
1 -
datacenter
1 -
private access
1 -
peruserconfig
1 -
MS Teams
1 -
Threat and Vulnerability Management
1 -
Network Virtual Appliances (NVA)
1 -
SSO cloud exchange azureAD
1 -
pop
1 -
VMware
1 -
Cloud Security
1 -
AZURE-AD-FREE
1 -
IPSec Tunnels
1 -
API Credentials
1 -
training
1 -
QRadar
1 -
Reporting
1 -
Waterfox Browser
1 -
Sync
1 -
Cloud Firewall License
1 -
risk management: cloud services
1 -
CASB
1 -
user
1 -
SMTP
1 -
Users Policies
1 -
PAC file
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In