Microsoft Entra ID (eh. AzureAD) SSO and user synchronisation is possible in LOLYO. To activate this, please go to Customer area in the administration menu and click on the Add-ons open button. Then click on Further information.
¶ Step 1
After activation, please go to Settings and Azure AD & Sync.
Authorise LOLYO to use your AD by clicking on ‘Open link’. This must be done by an AD administrator.
After this step, there should be a Guid under 'Directory (tenant) ID'.
¶ Step 2
Edit your groups to link them to the AD groups you want.
In AD, search for the 'Object ID' of the groups you want to link to in LOLYO.
¶ Step 3
Now add this Object ID to the desired group in LOLYO:
This should now be visible in the 'Azure AD and Sync' settings under 'Linked groups'.
Finally, enable the login button.
¶ What is the workflow?
When a user logs in via AzureAD, this user is immediately created in LOLYO.
Every 24 hours the user data (name, phone, etc.) is transferred from the AD, i.e. the leading system is always the AD by default. - Depending on the setting, the group assignments are either set initially or transferred from the AD every time (default).
¶ What if the user already exists?
If a user has already been created manually in LOLYO and the same (e-mail) user comes from the AD, it will be automatically linked and overwritten with the data from the AD.
¶ Do I always have to wait 24 hours for the sync?
No, when you edit a user, you can trigger a sync directly by clicking on the date under 'AzureAD last update'.