Import Active Directory Users via Azure AD & Enable SSO
Do you have thousands of users in your local Microsoft Active Directory? Would you like to synchronize them to 3CX, just as Microsoft 365 admins can? Or do you want a simpler way to sign in to the 3CX Web Client via Microsoft OAuth? No problem, we have a solution for you – and in just 10 minutes!
All you need is to create a free Azure AD, synchronize your local Active Directory with Microsoft Azure Active Directory Connect and configure 3CX Microsoft 365 integration. Watch the video below to see just how easy it is.
Step 1 – Prepare your local AD
Many years ago Microsoft advised assigning the suffix .local or .corporate to local AD domains. If your domain still uses this UPN suffix, you have to assign an alternative suffix with a public domain of your company. Microsoft no longer recommends setting up domains in private only domain spaces, as public trusted certificates can no longer be issued to non-public domains.
In brief, upon due diligence testing, you can add in Active Directory Domains and Trust an alternative UPN suffix. Select a domain you own or buy a new one for your domain activities only.
Once added you can start to map users from the old suffix to the new domain. Their login schematic might change by doing this!
Step 2 – Create an Azure AD Tenant
Creating an Azure AD is completely free and you can use it without being a Microsoft 365 customer. How to create it is well explained here. Once done, create a “Custom domain name” for this tenant and set it as default. It must match your UPN suffix.
Step 3 – Synchronize
Last step is to upload your local users to Azure AD. Install the Microsoft Azure Active Directory Connect tool on your AD server. During installation you will need to authenticate to Azure with the username and password of a global administrator created in Step 2.
And to your local AD with username and password for an enterprise admin account.
Microsoft has additional resources available online.
Step 4 – Enable 3CX Microsoft 365 Integration
Follow the admin guide on creating the login application in Azure and import your local users to 3CX.
And that’s it, we told you it was easy!