You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- The Hybrid Administrator role for configuring the provisioning agent and the Application Administrator or Cloud Administrator roles for configuring provisioning in the Azure portal.
30
+
- The Hybrid identity administrator role for configuring the provisioning agent and the Application Administrator or Cloud Administrator roles for configuring provisioning in the Azure portal.
31
31
32
32
## Prepare the sample database
33
33
On a server running SQL Server, run the SQL script found in [Appendix A](#appendix-a). This script creates a sample database with the name CONTOSO. This is the database that you'll be provisioning users into.
@@ -36,7 +36,7 @@ On a server running SQL Server, run the SQL script found in [Appendix A](#append
36
36
## Create the DSN connection file
37
37
The generic SQL connector is a DSN file to connect to the SQL server. First, you need to create a file with the ODBC connection information.
38
38
39
-
1. Start the ODBC management utility on your server.
39
+
1. Start the ODBC management utility on your server. Use the 64-bit version.
40
40
</br>
41
41
2. Select the **File DSN** tab, and select **Add**.
42
42
</br>
@@ -69,7 +69,7 @@ The generic SQL connector is a DSN file to connect to the SQL server. First, you
69
69
>Please use different provisioning agents for on-premises application provisioning and Azure AD Connect Cloud Sync / HR-driven provisioning. All three scenarios should not be managed on the same agent.
70
70
1. Open the provisioning agent installer, agree to the terms of service, and select **next**.
71
71
1. Open the provisioning agent wizard, and select **On-premises provisioning** when prompted for the extension you want to enable.
72
-
1. Provide credentials for an Azure AD administrator when you're prompted to authorize. Hybrid administrator or global administrator is required.
72
+
1. Provide credentials for an Azure AD administrator when you're prompted to authorize. Hybrid identity administrator or global administrator is required.
73
73
1. Select **Confirm** to confirm the installation was successful.
74
74
1. Sign in to the Azure portal.
75
75
1. Go to **Enterprise applications** > **Add a new application**.
@@ -82,7 +82,7 @@ The generic SQL connector is a DSN file to connect to the SQL server. First, you
82
82
83
83
84
84
## Configure the Azure AD ECMA Connector Host certificate
85
-
1.On the desktop, select the ECMA shortcut.
85
+
1.Launch the Microsoft ECMA2Host Configuration Wizard from the start menu.
86
86
2. After the ECMA Connector Host Configuration starts, leave the default port **8585** and select **Generate** to generate a certificate. The autogenerated certificate will be self-signed as part of the trusted root. The SAN matches the host name.
87
87
88
88
3. Select **Save**.
@@ -211,6 +211,9 @@ The generic SQL connector is a DSN file to connect to the SQL server. First, you
211
211
## Assign users to an application
212
212
Now that you have the Azure AD ECMA Connector Host talking with Azure AD, you can move on to configuring who's in scope for provisioning.
213
213
214
+
>[!IMPORTANT]
215
+
>If you were signed in using a Hybrid identity administrator role, you need to sign-out and sign-in with an account that has the app administrator or global admininistrator role, for this section. The Hybrid identity administrator role does not have permissions to assign users to applications.
216
+
214
217
1. In the Azure portal, select **Enterprise applications**.
215
218
2. Select the **On-premises provisioning** application.
216
219
3. On the left, under **Manage**, select **Users and groups**.
0 commit comments