[NEBULA] Synchronize ad users with Nebula Cloud Authentication

FrankIversenFrankIversen Member Posts: 92  Ally Member
edited June 3, 2020 9:39AM in General discussion
Would it be possible to sync the identities with either AD of perhaps Azure AD?
I think the primary focus in a cloud managed world is the focus of identify, in this case the user.
By keeping all the usermanagement in just one place (AD / Azure AD) in form of sync of username and passwords, it would provide both administrators, MSPs and most of all the users a great experience.
martinihenry

Comments

  • ITProITPro Member Posts: 11  Freshman Member
    Hi FrankIversen
    It sounds good, but what the scenario you want to use?
    Enter you signature
  • FrankIversenFrankIversen Member Posts: 92  Ally Member
    My scenarios is actually just to sync the passwords hashtags from either Ad or Azure AD :)
    Then we don't have to configure radius with certificates etc. and can provide easy enabling and disabling to the network based on user, while the user can use his known password.
    This should be avaiable in the nebula cloud authentication for WPA2 part
  • WebberITWebberIT Member Posts: 52  Ally Member
    It is possible if you are using an NSG, it can set ADs as I am aware of, but I've only used RADIUS on NAPs and didn't see the configuration for AD, probably need some guidance from someone who knows Azure better, maybe Azure can handle such things :triumph:
  • ITProITPro Member Posts: 11  Freshman Member
    Let me guess... you already have AD or Azure AD, right?
    So you want to let user authenticate the user profiles(ID and password) located on your existing AD OR Azure AD to access VPN or Network Access Method on NSG, is it correct? :smile:
    Enter you signature
  • FrankIversenFrankIversen Member Posts: 92  Ally Member
    We are a managed service provider and has a lot of different scenarios.
    *The Nebula Cloud Authenticator for the APs works very nice. We would just like to sync the password with either a local ad or Azure Ad. In Azure we can use a software named Azure Ad Connect which sync the customers ad to Azure ad. Would be cool if Nebula could leverage the password-hashes so the users password is the same and we don't have to keep our staff focused on areas (radius, certificates etc.) which they don't need to do very often these days.
  • Nebula_IreneNebula_Irene Member Posts: 140  mod
    Hi FrankIversen

    As I know the Azure Ad Connect is the way to connect your on-premises directory with Azure AD to do synchronization, including users, groups, and other objects.
    Your request is sounded like a mechanism which works like Azure AD connect, and you can sync your user profile from your existing on-premises directory to NCC. It should be a good idea, and maybe you can post it on the idea section.

    BTW, in Nebula Phase II, we provide users to import an excel file with multiple users at the same time, so you can export the user from your existing on-premises directory (AD), and then import it on NCC. Let look forward in the near future. J
  • FrankIversenFrankIversen Member Posts: 92  Ally Member
    Yes, your understanding is correct. I work a lot with f.ex Azure and Office 365 and the main thing we focus on is identity. And by keep this consistence over multiple platforms it will be better for both management and users.
    F.ex we could create a security group called Wireless Users in ad and members of these would gain access through the NCC wih synced password hashes. And by removing the from the group (or disable a user in ad) it would also loose access to WiFi in NCC.
  • ITProITPro Member Posts: 11  Freshman Member
    Cool idea!!!!
    Enter you signature
  • Nebula_IreneNebula_Irene Member Posts: 140  mod
    Hi FrankIversen
    Thanks for sharing your idea in an Idea section. :smile:
Sign In to comment.