<< Click to Display Table of Contents >> Navigation: UltraSearch > Azure AD Configuration |
If a SharePoint Online site is configured to require a multi-factor authentication, UltraSearch will perform a browser based authentication (as known from other Azure AD apps).
To enable UltraSearch to get authentication tokens from your Azure AD tenant, you have to register it in your Azure portal first and grant it permission to access Office 365 SharePoint Online:
Please note that the following steps have to be done out of the scope of UltraSearch. They may change with the ongoing development from Microsoft.
1.Sign in to the Azure portal.
2.Select on All services in the left-hand navigation, and choose App registrations (or use the search field in the top bar)
3.Select New application registration and create a registration with values like:
•Name: An application name of your choice to identify the registration in the Azure AD. We would propose to use UltraSearch.
•Redirect URI: Sometimes reffered to as reply URL. Please select 'Public client/nativ' here. Because UltraSearch uses MSAL for authentication, please either use the redirect URI provided for this purpose, or define your own according to the scheme "My URI"://auth, e.g. treesize://auth
4.Once the registration is completed, AAD will assign a unique Application ID to the app. Copy this value from the right pane, as it will be required for the next steps.
5.
In order to use the app registration made above, the information has to be provided to UltraSearch. There are three options available how to achieve this:
•If you want to configure these settings for a single user/computer only, e.g. to evaluate and test the settings, you can do so in the options dialog or you can pass the values to UltraSearch via the command line.
oTo configure the registration in the options:
1.Ensure the View -> Display -> Application Mode is set to Expert
2.Set the values at General -> SharePoint Online - Multi factor authentication
oTo configure the values from the command line, run UltraSearch with the following parameters. UltraSearch will remember these values, so you would have to configure them only once.
▪/AADApplicationID followed by the Application ID assigned by the Azure Portal, e.g. /AADApplicationID xxxxxxxx-yyyy-xxxx-yyyy-xxxxxxxxxxxx, and
▪/AADRedirectURI followed by the Redirect URI specified during the registration assigned, e.g. /AADRedirectURI UltraSearch://auth
•If you are an administrator and want to configure these settings for a group within your company, you can define an define a group policy object to roll them out:
1.Download and install the administrative templates for UltraSearch.
2.Open the Group Policy Management Console, and navigate to the GPO you want to contain the configuration or create a new one.
3.Configure the entries at Administrative Templates > JAM Software > UltraSearch > Defaults