Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

Using an Azure AD Premium license

You can choose to audit your Azure AD environment using an Azure AD Premium license. In this method, ADAudit Plus uses the Azure reporting API to obtain events from Azure AD.

3.1.1 Privileges required for configuration

Grant the following privileges depending on the API you need access to:

API Permission
Windows Azure Active Directory Read directory data
Microsoft Graph Read all audit log data

3.1.2 Azure AD app creation

Here are the steps to create an application in Azure AD:

  1. Register an application.
  2. Provide the required minimum privileges.
  3. Obtain your application's client secret.
  4. Collect and analyze configuration settings.

1. Register an application

  • Go to the Azure portal by clicking here, and sign in using your Microsoft account.
  • Select the Azure Active Directory service from the Azure services top pane.
    Using an Azure AD Premium license
  • Go to Manage → App registrations → New registrations to open the Register an application window.
    Using an Azure AD Premium license
  • Enter the application name, e.g., “ADAudit Plus application”.
  • Ensure that Accounts in this organizational directory only (zohoadapazure only - Single tenant) is selected under Supported account types.
    Using an Azure AD Premium license
  • Click Register.

2. Provide the required minimum privileges

  • Go to the Azure portal by clicking here, and sign in using your Microsoft account.
  • Select the Azure Active Directory service from the Azure services top pane.
    Using an Azure AD Premium license
  • Go to Manage → App registrations. Select your application under Owned applications.
    Using an Azure AD Premium license
  • Go to Manage → API permissions and select + Add a permission to open the Request API permissions window.
    Using an Azure AD Premium license

    Using an Azure AD Premium license

    • Go to Microsoft Graph → Application permissions.
      Using an Azure AD Premium license
    • In the Request API permissions window, select Directory → Directory.Read.All.
      Using an Azure AD Premium license
    • Select Add permissions.
    • Click Yes when prompted if you need to Grant Admin Consent for tenantname.

3. Obtain your application's client secret

  • Go to the Azure portal by clicking here, and sign in using your Microsoft account.
  • Select the Azure Active Directory service from the Azure services top pane.
    Using an Azure AD Premium license
  • Go to Manage → Certificates & secrets.
    • Click + New client secret.
    • Type in the description and the expiration date.
    • Click Add.
    Using an Azure AD Premium license

    Using an Azure AD Premium license

  • Copy the client secret value (e.g., “14uCILxkHtIVGR3wkCq12341Nd5VtestkkWTyIPrrE=”).
    Using an Azure AD Premium license

4. Collect and analyze configuration settings

  • Go to the Azure portal by clicking here, and sign in using your Microsoft account.
  • Select the Azure Active Directory service from the Azure services top pane.
    Using an Azure AD Premium license
  • Go to Manage → App registrations. Select your application under Owned applications.
    Using an Azure AD Premium license
  • Navigate to Application (client ID) and click Copy to clipboard.
    Using an Azure AD Premium license

3.1.3 Setting up Azure AD in ADAudit Plus

  • Open the ADAudit Plus web console.
  • Go to Configuration → Configured Server(s) → Cloud Directory.
  • Select + Add Tenant in the top-right corner.
    Using an Azure AD Premium license
  • Select Audit via Azure.
  • In the Cloud Directory window, type in the Tenant Name, Client ID, and Client Secret.
    Using an Azure AD Premium license
  • Click Add.

ADAudit Plus Trusted By