This section describes how to add Azure AD information on TMWS to connect TMWS with the Azure AD service for user authentication and synchronization.
Users not synchronized from Azure AD can be authenticated only through known TMWS gateways or the dedicated port for your organization.
| Field | Description |
| --- | --- |
| Service URL | Login URL on the Azure AD admin portal |
| Logon name attribute | User claim name corresponding to the user.onpremisessamaccountname claim value on the Azure AD admin portal. TMWS provides a pre-defined value sAMAccountName for this field. You can use this value or specify a different one. Trend Micro recommends keeping the pre-defined value. If you use a different value, make sure that the values here and in Azure AD are identical. |
| Public SSL certificate | Certificate (Base64) downloaded from the Azure AD admin portal |
| Tenant | Directory (tenant) ID or Custom domain name on the Azure AD admin portal |
| Application ID | Application (client) ID on the Azure AD admin portal |
| Client secret | Client secret on the Azure AD admin portal |
| Synchronization schedule | Select to synchronize with Azure AD manually or according to a schedule. If you choose Manually, whenever there are changes to Active Directory user information, remember to go back to the Directory Services screen and perform manual synchronization so that information in TMWS remains current. |
To ensure successful user authentication between your Azure AD and TMWS, if you have configured Azure AD to use another authentication server, add the host where that authentication server resides to either the proxy exception list of your browser or the skiphost list in the PAC files in use.
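
The following PAC logic is an added illustration of exempting the authentication server host from the proxy; it is not taken from the TMWS default PAC file. The host names, the proxy address and the layout of the `skiphost` array are constructed placeholders and assumptions.

```javascript
// Constructed sample values: replace with your own hosts.
// The array name follows the "skiphost list" mentioned above; its layout
// here is an assumption, not the TMWS default PAC file.
var skiphost = [
  "sts.example.com",      // hypothetical authentication server used by Azure AD
  ".login.example.com"    // leading dot: the domain itself and all subdomains
];
var PROXY = "PROXY proxy.example.invalid:8080"; // placeholder proxy address

// Match exactly or on a dot-anchored suffix. A loose substring match would
// also exempt look-alike hosts, so it is deliberately not used.
function isSkipped(host) {
  var h = host.toLowerCase().replace(/\.$/, ""); // normalize case and trailing dot
  for (var i = 0; i < skiphost.length; i++) {
    var e = skiphost[i].toLowerCase();
    if (e.charAt(0) === ".") {
      if (h === e.substring(1)) {
        return true; // the bare domain
      }
      if (h.length > e.length && h.substring(h.length - e.length) === e) {
        return true; // any subdomain
      }
    } else if (h === e) {
      return true; // exact host
    }
  }
  return false;
}

// Standard PAC entry point: skipped hosts connect directly, so the
// authentication exchange does not pass through the proxy.
function FindProxyForURL(url, host) {
  if (isSkipped(host)) {
    return "DIRECT";
  }
  return PROXY;
}
```

The code is written in ES5 syntax so that older PAC engines can also parse it.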