Use Microsoft Entra ID mode to integrate the system into your Microsoft Entra ID domain. To apply share-level access permissions settings, users must be imported in the Users tab.
Note: Users must login to the Team Portal at least once before connecting to shares over SMB.
To switch to Microsoft Entra ID mode:
- Select Microsoft Entra ID in the "Change Mode to" selection box.
- Click the "Switch To This Mode" button.
- You will then be prompted for your Microsoft login. Login and accept the requested permissions to complete the process.
Note: The Microsoft account used for login must have the following API permissions:
- Sign in and read the user profile
- Read all groups
- Read directory data
- Access user's data anytime
Allow Web Access For:
- All Entra ID Users - This is the default option, which means all users in Microsoft Entra ID Mode can access MCM. Select this option with care, there may be security concern.
- Users explicitly imported - Only imported users can access MCM.
- Users in specified groups - Only users in the specified groups can access MCM.
- Disallow All Users - All users are disallowed to access MCM. This mode may be helpful in case you want to shutdown all users to access MCM.
Windows Hello PIN sign-in is incompatible with Microsoft Entra ID mode and should be disabled.
In the lower right corner of the screen, you will see additional options:
- Rejoin Microsoft Entra ID - Use this option to repeat the Microsoft Entra ID join process. This can sometimes solve issues with the Microsoft Entra ID integration.
- Sync Group Info From Microsoft Entra ID - Synchronize the group information in your Morro Account with Microsoft Entra ID.