Grant access from the admin portal
From the admin portal you can grant access to the BookMyDesk AD enterprise app on the settings page. This requires administrative access to the company's Microsoft Azure AD environment.
Permissions
In order to read the correct information from users and groups, we need a number of permissions.
Synchronization
The system has a synchronization every 15 minutes, adding all new users who are linked within the Microsoft environment.
Group sync
In addition, a group selection can be made which users should be taken over from Microsoft on the BookMyDesk side. Via the menu item 'Active Directory' you can choose a group to synchronize.
A group must be selected before synchronization can begin. The selected group can always be modified. This can e.g. be a new group 'bookmydesk'.
For users who are synchronized via the Microsoft link, it is no longer possible to adjust the data of a user within BookMyDesk (this is first name, last name and e-mail address). These come from the Microsoft environment.
The link to this is as follows:
- user.givenName = first name
- user.surname = last name
- user.mail = email address
Note: for users who are created from the Microsoft connection, the 'infix' will expire, this will be emptied during the synchronization and also set as 'not editable'.