The following figure shows how it work:
fig.1
Before you begin you will need to ensure you have configured the MSPControl Active Directory Password Filter on ALL domain controllers in your MSPControl enviroment (not your customers domain controllers) by following this guide.
You will need to ensure you have configured the Azure IoT Hub by following this guide.
To get started with ADSync (part of Windows Agent), you need to complete the following steps:
1) ADSync requires that the client has the following added to the Hosted Organizations quota.
(We do this with an Add On which contains "1 x device for ADSync and "1 x AD Sync Users")
Make sure you include the above Add On in the clients hosting space under "Space Add-ons".
2) To use the agent it requires a DNS SRV Record Created on the Organization Domain of the user using it.
- Access “DNS” managment console
- Access “Forward Lookup Zones” and choose your domain.
- Access domain-> _tcp -> Other NewRecors…
- Service Location(SRV)-> Create Records
Required Fields:
- Service: _mspcontrol
- Protocol: _tcp
- Priority: 10
- Weight: 10
- Port number: 443
- Host offering this service: webdav.myhosting.com
Now you need to create a user on the control panel. Organizations-> Active Users -> Create New User (this point is represent in fig. 1)
3). After all steps are done, you can start to install mspcontrol agent.
- Run the installer “Click Next”
- Accept the terms in the License Agreement and “Click Next”
- Choose the destination folder
- Enter username and password created on the control panel and “Click Next”
- In case of username and password are correct you will see the starting of installation process, after its done - restart a server
- After server restart you will see icon on the tab
Also you check if the service is up
- On the Control Panel you will see the installed agent on the devices
- Select added device
- Select Settings
- Complete the form with a user account from the customers domain controller that you installed the Autopilot client above on which is a Domain Admin (we reccomend setting up a new user specifically for the AD Sync on the customers domain).
AD Sync Enabled - Ticked
Username - CUSTOMERDOMAIN\ADSyncUserName
Password - Password for above account
Sync Password from AD - Ticked
Click update
Restart server with install MSPC agent.
To configure Azure IoT Hub for ADSync follow this guide