There are four modes for managing users and groups in Morro Data:

  • Morro Users Mode
  • Active Directory Mode
  • Azure AD Mode
  • JumpCloud Mode

This section focuses on how to set your account to Azure AD mode to manage your users.


To enable Azure AD mode, you must have an Azure AD user with the following API permissions:

  • Sign in and read user profile
  • Read all groups
  • Read directory data
  • Access user's data anytime
  • Windows Hello PIN sign-in is not compatible to CloudNAS Azure AD mode and should be disabled


Enable Azure AD Mode



If you use Azure AD or Office 365, you can add your Morro Account to your Azure AD domain to manage users and groups.


If you are in Azure AD mode, do not use Morro Data to manage your users and groups. You can manage your users and groups from Azure AD and the changes will be synchronized with your Morro system.


To set the account to Azure AD mode:


1. Log in to your Team Portal.

2. Go to Teams from the navigation menu

3. Choose the tab Active Directory

4. From the drop list highlighted in red below, choose "Azure AD".




5. From the Azure AD page, click SWITCH TO AZURE AD MODE



6. The system will authenticate your permission to access your Azure account using the Microsoft authentication process. Enter the email and password.



7. Click Accept




Add Users and Groups

Once the Morro Data account is added to Azure, users can add themselves to the Morro Data solution. Users can add themselves by going to the Team Portal login page and enter their Office 365 login username and password.



Check the Team page to see the User and their Groups are imported into the system.


Figure 1: Azure users


Figure 2: Azure Groups


Import Users from Azure AD

Admins may import users from Azure AD to prepare the permissions to the shares, subfolders, and/or files in the CacheDrive before adding users to the system.


Users imported will not be able to access the SAMBA share before adding their accounts to the Morro Data portal.


To import users, go to the USER tab on the Teams page.



Click Import Users to open the Import Users from Office 365 panel.



Enter a search string for the User in the "Find by  name" field. You can leave the field bank to list all users.


Check the box next to the users you want to import. 

Note: The list displays 100 users at a time. By switching to another page, the users selected on the original page will no longer be selected.


Click IMPORT to import the selected users into your Morro Account.


Limitations:

  • Users imported into Morro Data are in the state "pending" until the user enters their Azure AD credentials by logging into the Team Portal.
  • Users imported into Morro Data will not have access to the system until they grant Morro Data a security key. Users can log into Morro Data with their Azure AD credentials to grant Morro Data access to the key.
  • Blocked users can still be imported into Morro Data, but they will not have access to any resources such as SAMBA or Team Portal.


Import Groups from Azure AD

Admins may import groups from Azure AD to prepare the permissions to the shares, subfolders, and/or files in the CacheDrive before adding groups to the system.


Groups imported will not give members of the group access to the SAMBA share before adding the user acoounts to the Morro Data portal.


To import users, go to the USER tab on the Teams page.



Click Import Users to open the Import Users from Office 365 panel.



Enter a search string for the Group in the "Find by  name" field. You can leave the field bank to list all groups.


Check the box next to the groups you want to import. 

Note: The list displays 100 groups at a time. By switching to another page, the groups selected on the original page will no longer be selected.


Click IMPORT to import the selected groups into your Morro Account.


Limitations:

  • Groups imported into Morro Data do not automatically import the users that are members of that group.
  • Users can log into Morro Data with their Azure AD credentials to grant Morro Data access to the key, then the user will be added as members of the group or any groups to which they are members.


Manage Users and Groups

If users are removed for the system or have changed their group membership, the information is not automatically synced into Morro Data. To sync the information, users can log in to the Team Portal and their information will be automatically updated.


Admins can manually update user information by using the "SYNC GROUP INFO FROM AAD" button.


Accessing the CacheDrive

If the computer is not accessed using a work or school account, then the user will access the CacheDrive using a standard method: