Set up SAML with Azure AD as enterprise application

  • Under Review

As of October 15 this year, Azure AD no longer accepts domains that the tenant doesn't manage themselves in their App ID URI field when setting up a custom SAML app, domains like screenconnect.com.


This makes sense, I suppose, because custom SAML apps are for those trying to integrate apps that they built themselves or at least manage the DNS records for.


Anyway, this new development means that ConnectWise in fact no longer supports SAML integration with Azure AD / Microsoft 365.

The issue has been registered as #SCP-37400 on ConnectWise Home, but I think the way forward is clear — ConnectWise should register Control as an enterprise app on Azure AD, like Splashtop and TeamViewer have done. That's why those solutions haven't been affected by this new policy by Azure AD.

Registering as an enterprise app would be ideal, as this would make the setup process for SAML integration much easier as well.

0
Rishikesh Gajul
Quote from Kellie Currier

We recently purchased ConnectWise Control & I'm looking to integrate it into our Azure tenant. Has anyone on stable version 22.5 successfully done it yet?

Hi Kellie,

Please go through this article to set up SAML with Azure AD.

In case you have any issue while setting it up, contact our Support team for further investigation.

0
sean mcgrath
Quote from Rishikesh Gajul

Hi Trenton,

The fix is currently in the Prod. Kindly upgrade your instance to the latest stable version 22.5 and check.

Hi Rishikesh, what was the fix for this problem? There's no option to add an Azure AD user source that I can see. What actions do we need to take now to add Azure AD as a user source?

0
Kellie Currier

We recently purchased ConnectWise Control & I'm looking to integrate it into our Azure tenant. Has anyone on stable version 22.5 successfully done it yet?

0
Rishikesh Gajul
Quote from Trenton Hord

What's the current status of this? We're approaching the one year mark of this being broken and wondering if I should look at different vendors that support Azure AD SAML?

Hi Trenton,

The fix is currently in the Prod. Kindly upgrade your instance to the latest stable version 22.5 and check.

0
Trenton Hord

What's the current status of this? We're approaching the one year mark of this being broken and wondering if I should look at different vendors that support Azure AD SAML?

0
Rishikesh Gajul
Quote from Mateo_

Hello,

Is there any update to this request? Azure AD SSO is really important for my company. Please share any status or news.

Thanks!

Hi Mateo,

It's still in development. We've had some high priority work to complete before shifting our focus on this one again. But rest assured it is on the verge of completion and will soon be deployed in one of our upcoming releases.  

0
Mateo_

Hello,

Is there any update to this request? Azure AD SSO is really important for my company. Please share any status or news.

Thanks!

0
mvitale
Quote from Virtual_Greg

Any update on this? We can't use the workaround because we use the department field for something else.

I have no update for you, but I am using the workaround, and in the config there is a "UserInfoRoleNamePath" field that is configured by default to use the AD attribute 'department', but it looks like you could change that to use any AD attribute.

Enabling this method is also an addition, so your users will still be able to log in with existing local accounts. It adds a new login button that you also name.

Changing that department config may work for you, but I have not tested this.

0
Virtual_Greg

Any update on this? We can't use the workaround because we use the department field for something else.

0
Mike Bannerman Team Member

Currently working on this issue. Early ETA would be April barring a delay, but I'll try to update again in a week.