Articles in this section

See more

Azure Active Directory

Mobile Guardian Developer
  • Updated
Follow

With Mobile Guardian, you can integrate your Azure Active Directory authentication for both users and devices by inputting the required information on your school or district dashboard.

This article will cover the following: 

Pre-Requisites

The Azure Lightweight Directory Access Protocol (LDAP) authentication integration forms part of the Azure Active Directory Domain Services (AD DS) product. As such, this product must be licensed within Azure before it can be used for user sync and mobile device authentication within Mobile Guardian.

Azure enforces that a valid SSL certificate be used when allowing access via the internet and Mobile Guardian requires that this certificate be from a public certificate authority. You must ensure that the certificate matches the wildcard domain of your AD DS environment as Azure will not let you upload anything else. If you are having trouble setting up or using LDAP authentication, please make use of the Microsoft trouble shooting guide.

Once everything has been configured, the final step will be to require all users to reset their passwords so that they can sync from AD to AD DS. Without this step, authentication from the Mobile Guardian application will fail. Please see the Microsoft guide for further information about self-service password resets for your organisation.

Required information for the configuration

Now that you have all the prerequisites, we suggest gathering the following required information. This information will be needed when setting up the configuration on the Mobile Guardian dashboard for both user sync and mobile authentication settings:

  • Active Directory Details
    • Account suffix - ie @domain.com
    • Base DN
    • Domain Controller ie IP address or site.com
    • Username
    • Password

  • Active Directory Mobile Details
    • Account suffix - ie @domain.com
    • Base DN
    • Domain Controller ie IP address or site.com
    • LDAP Port
    • LDAPS Port
    • Certificate - Certificate for authenticating the connection

Once you have acquired the above information you are ready to go through the steps of adding your configuration to the Mobile Guardian Dashboard using the guide below.


Step-By-Step Guide for Azure Configuration on the Dashboard

Using this guide we will go through the steps of adding the information gathered into the settings of the user sync and mobile authentication configurations on your dashboard.

Step 1 - User Sync

I. Login to Mobile Guardian.

II. Click on Settings 

III. Click on Directory Settings

mceclip1.png

IV. Now we will start with user sync, enter the correct information on the form.

mceclip2.png

V. (Optional) Once you have entered the required details, You may then choose whether you would like to use SSL or not but selecting the slider to enable it.

mceclip3.png

VI. There are some additional settings you may enable, this is to your own preference.

mceclip4.png

VII. Once you are ready you may select the Test Connection option, if your connection is successful the dashboard will notify you with a "Connected" message.
You must click Save to save the configuration.

mceclip5.png

 

Congratulations you have set up the first configuration!

You can now proceed to set up the Mobile Authentication, which must be completed to finish setting up Azure Active Directory configurations on Mobile Guardian.

 

Step 2 - Mobile Authentication

For this next part, we will move to the Mobile Authentication tab.

I. In Settings > Active Directory > Click on the Mobile Authentication tab

mceclip7.png

II. Enter the information into the form, making sure the certificate is from a public certificate authority. 

III. Scroll down you to view further options you can select.
Proxy via Mobile Guardian servers is optional, as well as Time-out and Inactivity time-out.  You will need to select a Signed-out behavior from the following choices to finish off the configuration.

mceclip8.png

IV. Select Save and you will receive a notification informing you that the settings have been saved.

mceclip9.png

You have now completed setting up the dashboard configuration for Azure.

Any Device that you enrol will now display a Sign-in screen when opening Mobile Guardian which will look similar to the following device.

 

mceclip10.png

 

Congratulations your Azure Active Directory has been configured.

Back to the Top

Please let us know if you found this useful

Thanks for reading :)

Related articles

Comments

0 comments

Article is closed for comments.