Configuring Azure Active Directory discovery

This topic describes how to configure Azure Active Directory discovery through Secure Lightweight Directory Access Protocol (TLS 1.2).

Configuring ASM Core

Core can be easily configured to scan your Azure Active Directory using the Active Directory Connector secured with SSL.

  1. Configure your active Directory Connector integration with the Azure Domain in the LDAP server path. This must match the certificate name. If you are using a wild card SSL certificate for your domain, then you will need to preface the address with Azure.

* would be configured as LDAP://

2. Configure your security settings per your requirements, if you are using the SSO connector for authentication do not check “authenticate imported people at source”.

3. Configure your Resource and Filed mapping values as per the AD connector guide.

If you are using the SSO connector for authentication you must ensure your Matching Fields are configured to match existing user on the AD and SSO connectors.

Configuring Azure Active Directory.

To configure the Azure Active Directory to allow LDAPS connections you will need to navigate to your Azure Active Directory using the older Azure portal at

  1. Navigate the Active Directory and Domain you wish to configure and select the Configure tab.

2. Scroll down to the “domain service” section and enable Domain Services.

3. You will then need to configure your LDAPS certificate which will need to be uploaded to Azure in PFX format.

  • Further information on configuring AZURE LDAPS can be found at