There are three modes for managing users and groups in Morro Data:
- Morro Users Mode
- Active Directory Mode
- Azure AD Mode
This section focuses on how to set your account to Active Directory mode to manage your users.
Enable Active Directory Mode
If you use Windows Active Directory, you can add your Morro Account to your Active Directory domain to manage users and groups.
Active Directory Mode requires an Active Directory database. If you are in Active Directory mode, do not use Morro Data to manage your users and groups. You can manage your users and groups from Active Directory and the changes will be synchronized with your Morro system.
To set the account to Active Directory mode:
1. Log in to your Team Portal.
2. Go to Teams from the navigation menu
3. Choose the tab Active Directory
4. Enter the Active Directory domain information
|DNS Realm (FQDN)||Enter the DNS realm name, which is the Fully Qualified Domain Name for your Active Directory domain name. For example, biggerinside.local where biggerinside is the prefix and local is the suffix of the name.|
|Computer OU (optional)||Computer accounts will be created in the Computer OU to register Morro gateway devices. If you do not specify the Computer OU, the computer account will be created in the default |
|Allow Web Access For||Specifies how to manage access to the Team Portal in the web or in Morro Connect. The three options are:|
By default, all AD users can access Team Portal in the web or in Morro Connect. Access can be restricted by specific OUs or by users that are imported into the Morro Data account.
Note: Access to shares via local file server is managed by Active Directory.
|Account OU (optional)||Works with the option "Users in specified OU" from Allow Web Access. You can specify multiple OUs separated by semicolons ';' if you manage usrs/groups by OU. If specified, only users from the specified OUs can log in to Morro Cloud Manager and Morro Connect app. Access to network shares on the Morro CacheDrive is not restricted by Account OU. (Example: Account OU = |
|User and Password||Tthe credentials of the Active Directory user account used to add the CacheDrives to the domain. You don't need to use |
5. See the sample below
6. Click SWITCH TO ACTIVE DIRECTORY MODE to complete the process.
There are two types of access permissions that are affected by the Active Directory mode, Team Portal access and Local File Server access.
Permissions to the Local File Server (SMB or Samba Share) is managed by Active Directory.
Permissions to Team Portal are based on the settings in Allow Web Access For.
Allow Web Access For
There are three access settings for Team Portal:
|All Domain Users||Use this setting to all domain users to have access to the Team Portal.|
|Users explicitly imported||Use this setting to import specific users and/or groups to your Morro Data account. Once imported, use the Share's User Access Permission to specify access permissions.|
|Users in specified OU||User this setting to limit access to users that are part of the specified OUs. More than one OU can be specified.|
To import users and groups from Active Directory, go to the USER tab on the Teams page.
Click Import User/Group from ADS to open the Import from AD panel.
Enter a search string for the User or Group name in the "Query String" field. You can use an asterisk (*) to search as a wildcard.
Click FIND NOW to find your users and groups.
If the user or group is found, it will be listed in the Search Results panel.
Check the box next to the users or groups you want to import. Check the box next to "Type" to select all items in the Search Result
Click IMPORT NOW to import the selected users or groups into your Morro Account.