Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Configuring using a Microsoft 365 license

    To audit your Azure AD environment using a Microsoft 365 license, ADAudit Plus uses the Microsoft 365 Management API for all installations after ADAudit Plus build 7050.

    Privileges required while using Microsoft 365 Management API

    • Microsoft Graph API > Directory.Read.All
    • Office 365 Management API > ActivityFeed.Read

    Register an application

    Register an application in the Azure portal, using these steps:

    1. Go to the Azure portal, and sign in using your Microsoft account.
    2. Select the Azure Active Directory service from the Azure services top pane.
    3. Configuring using a Microsoft 365 license
    4. Go to Manage > App registrations > + New registration to open the Register an application window.
      Configuring using a Microsoft 365 license
    5. Enter the application name, for example, ADAudit Plus Application.
    6. Ensure that Accounts in this organizational directory only (zohoadapazure only - Single tenant) is selected under Supported account types.
    7. Configuring using a Microsoft 365 license
    8. Click Register.

    Grant minimum privileges required for Microsoft 365 Management API

    Grant the necessary privileges using Microsoft 365 Management API, using these steps:

    1. Go to the Azure portal, and sign in using your Microsoft account.
    2. Select the Azure Active Directory service from the Azure services section.
    3. Configuring using a Microsoft 365 license
    4. Go to Manage > App registrations. Select your application under Owned applications.
    5. Configuring using a Microsoft 365 license
    6. Go to Manage > API permissions and select + Add a permission to open the Request API permissions window.
    7. Configuring using a Microsoft 365 license
    8. Select Office 365 Management APIs.
    9. Configuring using a Microsoft 365 license
    10. Choose Application permissions.
    11. Configuring using a Microsoft 365 license
    12. In the Request API permissions window, select Application permissions, then check the ActivityFeed.Read box under ActivityFeed. Select Add permissions.
    13. Configuring using a Microsoft 365 license
    14. Once again, go to Manage > API permissions > + Add a permission.
    15. Configuring using a Microsoft 365 license
    16. Select Microsoft Graph in the Request API permissions window.
    17. Configuring using a Microsoft 365 license
    18. Select Application permissions.
    19. Configuring using a Microsoft 365 license
    20. Check the Directory.Read.All box under Directory. Select Add permissions.
    21. Configuring using a Microsoft 365 license
    22. Select Grant admin consent for <tenant name>.
    23. Configuring using a Microsoft 365 license
    24. Click Yes.

    Obtain client ID and client secret

    1. Go to the Azure portal, and sign in using your Microsoft account.
    2. Select the Azure Active Directory service from the Azure services section.
    3. Configuring using a Microsoft 365 license
    4. Go to Manage > Certificates & secrets.
      • Click + New client secret.
      • Type in the description and the expiration date.
      • Click Add.
    5. Configuring using a Microsoft 365 license

      Configuring using a Microsoft 365 license
    6. Copy the client secret value (e.g., 14uCILxkHtIVGR3wkCq12341Nd5VtestkkWTyIPrrE=).
    7. Configuring using a Microsoft 365 license
    8. Go to Manage > App registrations. Select your application under Owned applications.
    9. Configuring using a Microsoft 365 license
    10. Navigate to Application (client ID) and click Copy to clipboard.
    11. Configuring using a Microsoft 365 license

    Setting up Azure AD in ADAudit Plus

    1. Open the ADAudit Plus web console.
    2. Go to Configuration > Configured Server(s) > Cloud Directory.
    3. Configuring using a Microsoft 365 license
    4. Select + Add Tenant.
    5. Select Audit via Office 365.
    6. In the Cloud Directory window, enter the Tenant Name, Client ID, and Client Secret.
    7. Configuring using a Microsoft 365 license
      Note: To obtain the tenant name:
      • Go to the Azure portal, and sign in using your Microsoft account.
      • Search for and select Microsoft Entra ID.
      • Using an Azure AD Premium license
      • Go to Manage > Custom domain names.
      • Click Add filter, under Filter, select Primary from the dropdown, and under Value, select Yes from the dropdown.
      • Using an Azure AD Premium license
      • Copy the name of the primary domain that is displayed and paste it in the Tenant Name field.
      • Using an Azure AD Premium license
    8. Click Add.

    Privileges required for Office 365 cmdlet configuration

    ADAudit Plus uses the below-listed APIs to audit Azure AD.

    • Office 365 Management API for all installations after ADAudit Plus build 7050.
    • PowerShell cmdlets (unified audit log) for tenants who configured Azure AD via Office 365 before ADAudit Plus build 7050.

    Note: ADAudit Plus strongly recommends using Office 365 Management API to obtain Azure AD events. For tenants still using PowerShell cmdlets, you can update your configuration by migrating O365 cmdlet configuration to Office 365 Management API configuration. You can find the steps to do it here.

    Check and migrate O365 cmdlet configuration to M365 API configuration

    1. Open the ADAudit Plus web console.
    2. Go to Configuration > Configured Server(s) > Cloud Directory.
    3. Under the Actions column in the report, select the Migrate icon.
    4. Note: This is only necessary for tenants who configured Azure AD via O365 before build 7050. This feature will be available once the users upgrade to build 7050 or above.

    5. In the Migrate to M365 API window that opens, enter the Client ID and Client Secret generated previously.
    6. Configuring using a Microsoft 365 license
    7. Click Migrate.

    If you still want to use O365 cmdlet configuration and you are using an ADAudit Plus build lower than 7050, you can find the privileges required below:

    Required role Permission
    Global administrator Compliance Management (Audit Logs)
    Organization Management (View-Only Audit Logs)

    Listed below are the system specifications required:

    i. Microsoft .NET Framework 4.0

    To check whether .NET Framework 4.0 is installed:

    • Go to Start > Command Prompt.
    • Type in the following query: reg query
    • "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\full" /v version.

    • Ensure that the version number is 4.0.
      • If not, download NET Framework 4.0 from here and install it.

    ii. PowerShell version 3

    To check whether PowerShell is installed:

    • Go to Start > Run.
    • Type in PowerShell.
    • If PowerShell is installed, check for its version number by typing in the following query in the command prompt: $PSVersionTable.
    • If PowerShell is not installed or if the existing PowerShell version is below 3, you can install or upgrade to version 3 from here.

    iii. Azure AD module for Windows PowerShell

    To check whether the Azure AD module is installed:

    • Go to Start > Run
    • Type in PowerShell.
    • Type in the query get-module -Name AzureAD. This will list the module if it's already installed. In case it's not, install the module by running the PowerShell cmdlet Install-Module Azure AD.
    Notes:
    • Gain a correlated view of your hybrid AD environments by configuring both Azure AD and on-premises AD domain details in ADAudit Plus.
    • This Azure AD module is available only in the 64-bit version of Windows.

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       

    On this page

    Get download link