System Configuration Settings
Below are multiple system configurations to be used for various system setups and applications.
Active Directory
In this section, the system configuration and credentials are set for Active Directory. There are three items to configure:
The Active Directory Bridge Configuration specifying the Identity Bridge that was set up and installed previously. The only available options here should be those bridges configured within the Clever IDM Enterprise tenant.
Note
It is a requirement that the bridge is active and working properly before moving forward. The status of the bridge can be confirmed by logging into the Clever IDM Enterprise Administrator Portal, then going to the Configuration module and viewing the Agent/Bridge configuration. Detailed instructions can be found in the Identity Automation Product Guide.
Service Account UPN - This input for specifying the service account UserPrincipalName (UPN) of the account to be used by the Clever IDM Enterprise solution to manage accounts in Active Directory. It is required that this account name be entered in UPN format (e.g., someuser@somedomain.xxx).
Password - The password that will be used in conjunction with the service account to perform account lifecycle management in Active Directory.
After entering the information in the form, the Verify Settings button will be available and can be used to validate that the credentials entered are correct and that the Active Directory Bridge is allowing communication to Active Directory.
Once the credentials have been verified, they can be sent to the Clever IDM Enterprise tenant by clicking Submit. The information is securely sent to the Clever IDM Enterprise tenant and is encrypted for use by only the tenant system. This information is not retrievable and can't be used outside of the specific tenant system.
Note
Coming back to this step will result in an empty form since the credentials are not retrievable. Entering new information and submitting it through this configuration utility will overwrite the existing credentials.
Microsoft 365
The configuration for Microsoft 365 is optional based on whether or not your district requires account management within Microsoft 365 or Azure. In order to properly configure the settings for Microsoft 365, you will have had to set up the Clever IDM Enterprise application through the Azure Administrator Portal as mentioned previously. There are four items to specify on this form:
Tenant ID - This is the tenant identification number as specified in the Azure Administrator Portal.
Client ID - This value will come from the application setup within the Azure Administrator Portal.
Client Secret - This value will come from the application setup within the Azure Administrator Portal.
Account to Test - Specify an account that already exists within Microsoft 365 that Clever IDM Enterprise can use to verify (this is a query only to see if the account exists, and will not change or modify the account in any way).
Once the fields have been populated, the Verify Settings button will be enabled. This button can be used to verify that your Clever IDM Enterprise tenant is able to communicate with your district's Microsoft 365 tenant.
After the credentials are verified, they can be sent to the Clever IDM Enterprise tenant by clicking the Submit button. The information is securely sent to the Clever IDM Enterprise tenant and is encrypted for use only by the tenant system. This information is not retrievable and cannot be used out of the specific tenant system.
Note
Coming back to this step will result in an empty form since the credentials are not retrievable. Entering new information and submitting it through this configuration utility will overwrite the existing credentials.
Google Workspace
The configuration for Google Workspace is optional based on whether or not your district requires account management within Google. In order to properly configure the settings for Google Workspace, you will have had to set up the Clever IDM Enterprise OAuth credentials through the Google Developers Console as outlined previously. There are three items on the Google Configuration Settings form that need to be completed:
Client ID - this value will come from the OAuth credential information in the Google Developer Console.
Client Secret - this value will come from the OAuth credential information in the Google Developer Console.
Google Admin Account - specify an account that has Administrator rights in your district's Google tenant that can be used to verify and authorize the OAuth credential for use in Clever IDM Enterprise.
Once the fields have been populated, the Consent Request button will be enabled. Click this button to verify that your Clever IDM Enterprise tenant is able to communicate with your district's Google Workspace tenant.
After the credentials are verified and consent is granted, they can be sent to the Clever IDM Enterprise tenant by clicking Submit. The information is securely sent to the Clever IDM Enterprise tenant and is encrypted for use with only that tenant system. This information is not retrievable and cannot be used outside of the specific tenant system.
Note
Coming back to this step will result in an empty form since the credentials are not retrievable. Entering new information and submitting it through this configuration utility will overwrite the existing credentials.