Skip to content

How to Onboard Domain User Groups into Securden Endpoint Privilege Manager?

Domain groups are the user groups created in the Active Directory or Azure AD based on different criteria such as job responsibilities and associated user privileges. You can onboard these user groups into Securden Endpoint Privilege Manager to manage privileges more efficiently and effectively.

Once imported, these domain groups will be in continuous synchronization with their AD or Azure AD counterparts.

How to onboard Active Directory Domain Groups?

Any number of active directory domains can be added to Securden EPM for managing AD users and groups. You can add your AD domains by navigating to Admin >> Integrations >> Active Directory Domains.

Alternatively, you can specify the domain details during the process of importing a group by navigating to Users >> User Group >> Add >> Import from AD.

This is a two-step process.

  • Connect to the AD domain.

  • Select and Import Specific User Groups

Step 1: Connecting to the Active Directory Domain

You need to select an AD domain from the list of available domains. If you want to add a new AD domain, you may refer to this document for assistance.

How To Connect To Active Directroy To Import User Groups Into EPM

Once the domain is selected, the other details such as credentials will be automatically filled in. If you want to use a different account for authentication, you can click on Modify.

Step 2: Selecting and Importing User Groups

This step is to fetch the required groups from the AD domain specified. This GUI offers the flexibility to fetch user groups from OUs and Groups in bulk in a single step. That means you can enter the names of the OU/Groups to be discovered in a single step. You can enter the discovery details in any combination you wish.

To import OUs, select the OU tab

1) Enter the OU name in the search bar and select Discover.

2) You can also browse from the OU tree by clicking on the Browse OU Tree and Select option. You can select one or multiple OUs and select Add.

3) You can then verify your selection in the Verify the Objects Selected for Discovery.

To import groups, select the Groups tab.

1) Enter the group name and select Discover.

2) You can also browse from the group tree by clicking the Browse Groups and Select option. You can select one or multiple groups and select Add.

3) You can then verify your selection in the Verify the Objects Selected for Discovery.

You can select the role of the users in the group(s) imported using the Role in Securden dropdown.

Before selecting import, you can look into the advanced settings which are explained below.

Advanced Settings

You can choose whether to import all the subgroups of the groups selected for import or ignore the subgroups and import the selected entity alone.

Once you have selected the preferences, you can click Import.

The process takes some moments and once it is completed, the summary of the process will be displayed. You can verify the entities imported from your domain.

How to Import Azure AD Domain Groups?

Prerequisite: Azure AD import requires internet connectivity. If your organization makes use of a proxy server to regulate internet traffic, you should have configured proxy server settings (from Admin >> General >> Proxy Server Settings).

Importing Azure AD groups is important for organizations running on Azure and hybrid environments. You can integrate any number of Azure AD domains with Securden and import user groups from each of them.

Navigate to Users >> User Groups >> Add >> Import from Azure AD and follow the steps below.

Step 1: Connecting to Azure AD Domain

1) To import groups from your Azure AD domain, Securden needs to scan your Azure AD domain. You need to select the required Azure domain from the drop-down menu.

Note

If you want to add a new Azure domain, you can refer to the steps provided here.

2) When an Azure domain is selected from the drop-down, the credentials required for connecting to the Azure AD domain are automatically filled in.

3) You need to select whether you want to manually select the required groups or fetch all the groups that are associated with a certain Azure enterprise application. If you select the former, you can proceed to the next step by clicking Next.

4) If you want to Import via Azure Application, you need to provide the Object ID of the required application. Follow the steps below to fetch the Object ID.

  1. Login to your Azure Portal.

  2. Go to Enterprise Applications and click on the required application.

  3. In the Overview section, locate the Object ID and copy the credential.

  4. Paste the Object ID in the Securden interface as shown below.

How To Import Azure AD Groups From Enterprise Applications

  1. Once the Object ID is added, you have the option to Configure Periodic Discovery of user groups from this object. You can choose which Azure groups and group types to fetch the users from by exploring the Advanced Settings.

  2. Once the preferences are selected, click Discover.

Note

User import is subject to your license limits. In case, the number of users you try to import exceeds the license limit, the number of user groups actually imported will conform to the license count. The remaining user groups will not be imported. You can verify the details in the next step.

Step 2: Import User Groups

This step is to fetch the required user groups from the Azure AD domain specified.

To import Azure AD user groups, select the Groups tab

  1. Enter the starting letters of your group name and click Discover.

    How To Search And Discover Azure AD User Groups

  2. You can then verify your selection in the Verify the Objects Selected for Discovery.

    How To Verify Azure Groups Selected For Importing Into EPM

  3. You can select the role for the groups imported using the Role in Securden dropdown.

    How To Assign User Roles In EPM For Users Imported Through Azure AD Group Import

Advanced settings

There are two options available in advanced settings.

What Are The Advanced Settings Available For Importing Groups From Azure AD Into EPM

1) The first one allows you to either include domain users of all subgroups to the group being imported or ignore the subgroups and import only the users of the first level group.

2) The second advanced setting allows you to selectively import user groups that belong to certain types. You need to select the required checkboxes.

Note

User import is subject to your license limits. In case the number of users you try to import exceeds the license limit, the number of user groups imported will conform to the license count. The remaining user groups will not be imported. You can verify the details in the next step.

After selecting the required groups, click on Import.

The process of discovering the groups will take a while to complete. The discovered groups will be automatically populated to Securden inventory after completion. The summary of imported groups will be displayed.

Securden Help Assistant
What's next?
Request a Demo Get a Price Quote
Thank you message

Thanks for sharing your details.
We will be in touch with you shortly.

Thanks for sharing your details.
We will be in touch with you shortly.