I see from the Architecture Guide (page 33) that Azure AD Identity is supported by 10.2.300. Has anyone used this with the Domain Services service?
Thanks.
As far as I understand these AAD Domain Services is the replacement for on-premises AD.
And Azure AD support in .300 allows you to create applications in AzureAD and use them to authenticate users, registered in this Azure Active Directory.
No need for Domain services.
1 Like
We sync our local AD with Azure AD. We tested it with a copy of our DB last April but it hasn’t rolled out to the Cloud yet. Looking forward to it as our O365 integration depends on it.
Mark W.
2 Likes
Correct. I was hoping to find out if someone was using the Azure Domain Controller with Epicor Azure AD Authentication. I’m still reading up on AAD Domain Services.
Yes, we currently sync our local AD to Azure as well. Our O365 integration also depends on it.
1 Like
As I read more about AAD Domain Services this is a separate piece of functionality that wouldn’t apply to our end-users, only Azure VM’s. Looks like the Azure AD Support in .300 will do the trick just like you said. Thanks.
1 Like
YEs, it will show user logon window, where he can enter his name and password. As you sync passwords with AAD, the password will be the same as on=premises.
Also you can set seamless SSO mode for AAD Connect, so user will not be required to enter password.
1 Like
Any tips for configuring this on the Azure side? Documentation doesn’t match too well with what I’m seeing in my portal. I’m stuck here, trying to logon to the app server in the admin console… for the life of me i can’t figure out how these permissions are set.
-
Search for “App Reg” in the search bar at the top of the Azure Portal page and select App Registrations
-
Select your application from the list of app registrations.
-
View/Edit the API permissions associated with the app.
i think that’s the underlying issue, i don’t see it in there. Not sure how to get it in there at this point.
i see mine there too, but i still get that error
And when you click the App Registration, what do you see when you check the View API Permissions on that page?
after fooling around i was able to get these in there, tho i think the client is unnecessary? I’ve migrated to a new error at least 
1 Like
i can log into the client using main menu and azure AD, but if i try shell or home page i get the following. Has anyone seen this?
