Microsoft Entra ID groups allow administrators to manage user access and permissions to resources, such as CloudSee Drive, by grouping users with similar access needs. Instead of assigning permissions to individual users, Entra ID enables you to create groups that automatically apply the necessary permissions to all group members.
Why Do You Need It?
Managing user access across multiple systems and platforms can become time-consuming and prone to errors. By leveraging Entra ID Group Access:
Administrators can simplify the process of granting access to multiple users by using groups.
Organizations can ensure consistent security policies and access control across all users within a group.
It facilitates easier management of permissions for large teams or departments.
Administrators can integrate with CloudSee Drive using Microsoft Entra ID, allowing seamless access through Microsoft Single Sign-On (SSO).
Who Is It For?
Entra ID Group Access is intended for administrators who need to manage large groups of users and ensure secure, streamlined access to shared resources like CloudSee Drive. It is ideal for organizations that use Microsoft Entra ID as their identity management system and require efficient management of permissions and access.
How It Works
Entra ID Group Access can be configured and used by following these steps:
Entra ID Configuration: Admins must grant consent for the CloudSee Drive application in the Microsoft Azure portal, ensuring that Entra ID groups and users can be retrieved and managed within CloudSee Drive.
Create Groups: Administrators can create groups in Microsoft Entra ID, add users, and manage permissions for each group.
Retrieve Tenant and Group IDs: Admins must configure the Tenant ID and Tenant Group ID in CloudSee Drive to synchronize with Entra ID for group access.
Manage Users: Once group members sign in to CloudSee Drive using Microsoft SSO, they will automatically appear in the system, where admins can assign and manage their bucket access and permissions.
This guide provides detailed instructions for setting up Entra ID groups, retrieving tenant information, and configuring access permissions in CloudSee Drive.
Entra ID Configuration
To retrieve users from an Entra ID group, IT administrators must grant admin consent to the CloudSee Drive application. Follow the steps below to configure this in Entra ID:
Access Azure Portal. Open your browser and go to https://portal.azure.com.
Sign In. Click the "Sign In" button after entering your credentials.
1. Navigate to Microsoft Entra ID. Log in to the Microsoft Entra ID portal. From the navigation pane, select Enterprise Applications.
2. Select CloudSee Drive Application. Locate and select the CloudSee Drive application from the list of enterprise applications.
3. Configure Permissions. In the CloudSee Drive application panel, go to Security. Click on Permissions.
4. Grant Admin Consent. In the Permissions section, find the option labeled “Grant admin consent for Default Directory”. Click the Grant admin consent button.
5. Admin Sign-in and Consent. When prompted, sign in with an IT administrator account. Review the requested permissions and click Accept to grant CloudSee Drive access to Entra ID groups and users.
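After consent is granted, the permissions the application now holds can be listed from the directory itself. The script below is an added example, not code from CloudSee Drive or Microsoft; it uses the Microsoft Graph PowerShell module and assumes the enterprise application's display name is "CloudSee Drive".

```powershell
# Added example: list what admin consent granted to the enterprise application.
# Requires the Microsoft.Graph PowerShell module and a role that can read the directory.
Connect-MgGraph -Scopes "Directory.Read.All"

$appName = "CloudSee Drive"   # assumption: name shown under Enterprise Applications

$sp = @(Get-MgServicePrincipal -Filter "displayName eq '$appName'")
if ($sp.Count -ne 1) {
    throw "Expected exactly one enterprise application named '$appName', found $($sp.Count)."
}
$sp = $sp[0]

# Delegated permissions (scopes). ConsentType 'AllPrincipals' means the grant
# applies to every user in the tenant, which is what "Grant admin consent" creates.
$delegated = Get-MgOauth2PermissionGrant -Filter "clientId eq '$($sp.Id)'" -All |
    ForEach-Object {
        $resource = Get-MgServicePrincipal -ServicePrincipalId $_.ResourceId
        [pscustomobject]@{
            Type        = 'Delegated'
            Resource    = $resource.DisplayName
            ConsentType = $_.ConsentType
            Permission  = "$($_.Scope)".Trim()
        }
    }

# Application permissions (app roles) held by the app without a signed-in user.
$application = Get-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $sp.Id -All |
    ForEach-Object {
        $resource = Get-MgServicePrincipal -ServicePrincipalId $_.ResourceId
        $role     = $resource.AppRoles | Where-Object Id -eq $_.AppRoleId
        [pscustomobject]@{
            Type        = 'Application'
            Resource    = $resource.DisplayName
            ConsentType = 'Admin'
            Permission  = $role.Value
        }
    }

@($delegated) + @($application) |
    Sort-Object Type, Resource |
    Format-Table -AutoSize
```

Compare the output with the permissions shown on the consent prompt in step 5; anything beyond reading groups and users deserves a question to the vendor before rollout.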
Create a Group in Microsoft Entra ID
You can create a basic group and add your members at the same time using the Microsoft Entra admin center. You must have at least the Groups Administrator or User Administrator role assigned to create groups.
Access Azure Portal. Open your browser and go to https://portal.azure.com.
Sign In. Click the "Sign In" button after entering your credentials.
Find Microsoft Entra ID. In the search bar at the top, type "Entra ID" and select it from the dropdown menu to access the service.
Navigate to Groups. Click on "Groups" to view and manage your groups.
Create a New Group. Click on "Create a group" and follow the prompts to set up your new group.
Group created. Your new group is now created and ready for configuration.
Configure Tenant ID and Tenant Group ID on CloudSee Drive
You can create a new tenant for your organization. Your new tenant represents your organization and helps you to manage a specific instance of Microsoft Cloud services for your internal and external users.
Groups help you manage access, policy, and compliance across your subscriptions. Create them to build an effective and efficient hierarchy to manage access.
1. Retrieve IDs from Entra ID.
The Tenant ID is located on the home page of Entra ID.
The Tenant Group ID is located on the Groups/All groups page.
2. Admin Sign In to CloudSee Drive. Sign in to CloudSee Drive using Microsoft Single Sign-On (SSO) with an admin account.
3. Profile Settings. Click the user icon and select Profile.
4. Update Admin Profile. Enter the Tenant Name, External Tenant ID, and Group Tenant ID. Click "Update" to save the changes.
After updating, Entra ID group members will automatically gain access to CloudSee Drive.
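Because every member of the configured group gains sign-in access, it is worth pulling both IDs and the current membership from the directory before saving the profile. The script below is an added example, not code from CloudSee Drive or Microsoft; it uses the Microsoft Graph PowerShell module, and the group name "CloudSee Drive Users" is a hypothetical placeholder.

```powershell
# Added example: fetch the two IDs the CloudSee Drive profile asks for and
# review who is in the group before access is switched on.
# Requires the Microsoft.Graph PowerShell module.
Connect-MgGraph -Scopes "Group.Read.All", "User.Read.All"

$groupName = "CloudSee Drive Users"   # hypothetical group name, replace with yours

$group = @(Get-MgGroup -Filter "displayName eq '$groupName'")
if ($group.Count -ne 1) {
    # Display names are not unique in Entra ID, so refuse to guess.
    throw "Expected exactly one group named '$groupName', found $($group.Count)."
}
$group = $group[0]

# Values for the profile fields named in step 4.
[pscustomobject]@{
    'External Tenant ID' = (Get-MgContext).TenantId
    'Group Tenant ID'    = $group.Id
} | Format-List

# Direct members of the group. Members come back as generic directory objects,
# so the useful fields are read from AdditionalProperties.
Get-MgGroupMember -GroupId $group.Id -All | ForEach-Object {
    $p   = $_.AdditionalProperties
    $upn = $p['userPrincipalName']
    [pscustomobject]@{
        Kind     = "$($p['@odata.type'])" -replace '#microsoft.graph.', ''
        Name     = $p['displayName']
        UPN      = $upn
        # Heuristic: B2B guest accounts carry '#EXT#' in their UPN.
        External = ($upn -like '*#EXT#*')
    }
} | Sort-Object Kind, Name | Format-Table -AutoSize
```

Rows whose Kind is not `user` (nested groups, service principals) and rows marked External are the ones to review first; whether CloudSee Drive honors nested group membership is not stated on this page.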
User Account Sign In
User Sign In. Members of the Entra ID group can now sign in to CloudSee Drive using Microsoft SSO without needing to subscribe through AWS Marketplace.
Note: Users will not have bucket access until it is configured by an admin.
User Management
1. Admin Sign In. Sign in to CloudSee Drive through Microsoft SSO using an admin account.
2. User Settings. Go to “CloudSee User Settings.”
3. Manage Users. Once group members sign in, they will automatically appear on the "Manage Users" screen in CloudSee Drive.
As an admin, you can configure bucket access and permissions for each member from the "Manage Users" page.