{"id":14646,"date":"2020-05-16T17:51:04","date_gmt":"2020-05-16T21:51:04","guid":{"rendered":"https:\/\/evolphin.com\/help\/?p=14646"},"modified":"2020-05-19T15:55:46","modified_gmt":"2020-05-19T19:55:46","slug":"connecting-to-azure-ad-using-zoom-ldap-connector","status":"publish","type":"post","link":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/","title":{"rendered":"Connecting to Azure AD using Zoom LDAP Connector"},"content":{"rendered":"\n<p>User accounts, group memberships, and credential hashes can be synchronized one way from Azure AD (AAD) to Azure AD Domain Services (Azure AD DS or AAD DS). Azure AD DS integrates with your existing Azure AD tenant, which makes it possible for users to sign in using their existing credentials. <\/p>\n\n\n\n<p>Azure AD DS replicates identity information from Azure AD, so works with Azure AD tenants that are cloud-only, or synchronized with an on-premises Active Directory environment:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>If you have an existing on-premises AD environment, you can synchronize user account information to provide a consistent identity for users on the Azure AD cloud tenant.<\/li><li>For cloud-only environments, you don&#8217;t need a traditional on-premises AD environment to use the centralized identity services of Azure AD DS.<\/li><li>Azure AD DS provides secure LDAP (LDAPS) access to the user credentials from Azure AD tenant. <\/li><li>Zoom LDAP connector uses LDAPS to synchronize user &amp; groups from Azure AD by using Azure AD DS as a read-only proxy to Azure AD tenant.<\/li><li>Currently, Zoom OpenID security realm connector utilizes the Zoom LDAP connector to sync user &amp; group attributes to Zoom Server<\/li><\/ul>\n\n\n\n<p class=\"note\">This is the first step towards provisioning SSO support via <a href=\"https:\/\/evolphin.com\/help\/administration-server\/security\/openid-connect\/configuring-openid-connect-oidc-integration-with-azure-ad\/\" target=\"_blank\" rel=\"noreferrer noopener\">Azure AD OpenID Connect integration<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"920\" height=\"360\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png\" alt=\"\" class=\"wp-image-14648\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png 920w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1-300x117.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1-768x301.png 768w\" sizes=\"auto, (max-width: 920px) 100vw, 920px\" \/><\/figure>\n\n\n\n<p class=\"note\">In the sections below, we will cover how to get the Zoom LDAP connector and Azure AD DS configured to get the flow depicted in the diagram above working with Zoom.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Prerequisites<\/h4>\n\n\n\n<ol class=\"wp-block-list\"><li>Knowledge of your organization&#8217;s Azure AD setup<\/li><li>Administrator access to your Azure Account<\/li><li>Read the <a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory-domain-services\/synchronization\" target=\"_blank\">Microsoft Azure AD DS<\/a> background article<\/li><li>Ability to create or obtain PKCS12 certificate for your managed domain<\/li><li>Ability to create DNS entry needed for the setup or work with your DNS admin<\/li><\/ol>\n\n\n\n<h4 class=\"wp-block-heading\">Step 1: Create a Zoom Filter group in Azure AD<\/h4>\n\n\n\n<p style=\"font-size:0\">In Azure AD (AAD) create a group that will be referred to as the <strong>Zoom Filter group<\/strong> in order to do one-way scoped sync from AAD to Azure AD Domain Services tenant:<\/p>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh6.googleusercontent.com\/wA6Jci3_nGrsvaDLk6EKCRTu-NYolEV4CQRvXEMn_FMrtTrsjM9qqDBFxvWyz4jrvbtYE51QROzelp4FiKtTJrzRaLY94YClnf1GfVk-e_EKwuwobCdCFgBE9bq9Z8fRS7pa80Zc\" width=\"624\" height=\"404\"><\/p>\n\n\n\n<p class=\"note\">A scoped sync ensures only users &amp; groups that need to have access to Zoom are synced. You don&#8217;t want your entire corporate directory in Azure AD to be synced. For example, you may have 1000 people across the entire Azure AD organization, but you may need to sync only 50 users that will use Zoom via the Azure AD DS sync.<\/p>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh4.googleusercontent.com\/-xEiOmL-gu-1bNNqhDxMCMzkr89ltbgCW-gh6Vdjht2LtWVo_YL4AYATt9jGJGwUeydiCU0mQeojG3SS8IRfjfeMpH0n3tqGUGGOS3k6w8nvzXT0lXkSySRzdXMb7kaiYRcvg4X3\" width=\"624\" height=\"224\"><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Step 2: Configure an Azure AD DS tenant<\/h4>\n\n\n\n<p>After logging in into your Azure console, create a new Azure AD DS tenant, if it doesn&#8217;t exist.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-2.png\" alt=\"\" class=\"wp-image-14650\" width=\"463\" height=\"378\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-2.png 926w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-2-300x245.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-2-768x627.png 768w\" sizes=\"auto, (max-width: 463px) 100vw, 463px\" \/><\/figure>\n\n\n\n<p>Choose a domain name for the new tenant such as azure.&lt;your-company-name&gt;.com.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Step 3: Set up Synchronization in Azure AD DS<\/h4>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"371\" src=\"https:\/\/lh5.googleusercontent.com\/8zB4kXUcrJjTwXLALMwRONiHqNtAtunp9Va3epjJksUXNrnfmJwCkMSPGgz8FKfrH1okee4KxHaCy4pP4O9GqokvDnQlWipXA5h2xgESuBPpg4wM_RKpfTY6Hwpded4qQFTS4sri\"><\/p>\n\n\n\n<p>Ensure Scoped Sync is selected and choose a group name, such as Zoom Filter Group we created above, from Azure AD to sync. Wait for the Azure AD DS managed domain to deploy in the Azure Cloud. <\/p>\n\n\n\n<p class=\"note\">This step might take 30-60 mins depending upon Azure Cloud&#8217;s workload.<\/p>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" width=\"624\" height=\"307\" src=\"https:\/\/lh4.googleusercontent.com\/WM_AiMFl54fCgFajg7itUpNpA8brjEhFt36IbHsTbOaotnfXLjaBhIa-xvDmHKIoY1ot0b5rEuKllB-afz_Du3BXjWaYgusrS7Yrs4VyHeO8ks5rQhroNYMT1kTkbsBAMw__WLhz\"><\/p>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh4.googleusercontent.com\/n-vnPI9GzQWuvFeQLOaZJiL6MOSYPJrbJ0okje7JIkdo0VSWgVmFu4JmsLnbkONCoLvJMnVxTKyAiK9eth8yqKKYKIzNOqZzhVdUiYaJUjNYrokQ-thd6zCKBQcpGLvdlWF6HBPo\" width=\"624\" height=\"223\"><\/p>\n\n\n\n<p>When you first deploy Azure AD DS, automatic one-way synchronization is configured and started to replicate the objects from Azure AD. This one-way synchronization continues to run in the background to keep the Azure AD DS managed domain up-to-date with any changes from Azure AD. <\/p>\n\n\n\n<p>Note, if you are using Azure with Zoom OpenID Connect realm (may be labeled as PingID realm in your version of Zoom Server Web Admin), you will first want to test if Zoom LDAP realm is working. Therefore, you will need passwords synced from Azure AD to Azure AD DS. This often requires passwords to be reset in Azure AD in order for the sync to be triggered. Please check your Azure AD setup to see if a password reset for all users in the Zoom Filter group is necessary.&nbsp;This is a Microsoft Azure AD DS setup requirement.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Step 4: Obtain a valid SSL\/TLS wildcard certificate for your Azure AD DS<\/h4>\n\n\n\n<p>Click on Secure LDAP option to enable the settings shown below:<\/p>\n\n\n\n<p><img loading=\"lazy\" decoding=\"async\" width=\"686\" height=\"160\" src=\"https:\/\/lh4.googleusercontent.com\/hISo4dRcZ93lP5ZbBeOd47_JPJ4Vnqv5PODGi9A1dI9HDWLpsRaIbqDhRh7OA-xBc_EyGY9hJWPaJhGushNBgBfJQfPNSXsvq2LDL5czlV--ZyQhvekt8-2mbAVVCVW4njjAbZbm\"><\/p>\n\n\n\n<p>Ask your IT security team to create a PKCS12 certificate with the file extension set to .PFX. See Microsoft requirements for <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory-domain-services\/tutorial-configure-ldaps#create-a-certificate-for-secure-ldap\">secure LDAP setup here<\/a>.  The certificate must meet the following requirements:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The certificate must have the same Subject Name as the domain being managed. For instance, if your domain is named <em>azure.evolphin.com<\/em>, the certificate&#8217;s subject name must be *<em>.<em>azure.evolphin.com<\/em><\/em><\/li><li>Zoom LDAP connector <strong>requires the DNS name of the managed domain<\/strong> such as <em>azure.&lt;company-name&gt;.com<\/em>  <strong>also added to the certificate<\/strong>. Without the two entries, LDAP will not work with the Zoom LDAP connector. For example:<ul><li>azure.&lt;company-name&gt;.com<\/li><li>*.azure.&lt;company-name&gt;.com<\/li><\/ul><\/li><li>Do not use self-signed certificates as the Zoom LDAP connector will not trust it.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-3-1024x788.png\" alt=\"\" class=\"wp-image-14653\" width=\"512\" height=\"394\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-3-1024x788.png 1024w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-3-300x231.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-3-768x591.png 768w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-3.png 1372w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Step 5: Assign a public IP and a DNS name<\/h4>\n\n\n\n<p>The Azure AD DS tenant uses a couple of IP addresses in the internal virtual network on Azure. In order for the Zoom LDAP connector to connect with it, you must assign an external IP address to it. This external IP address must be associated with the Azure AD DS tenant.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"213\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-4-1024x213.png\" alt=\"\" class=\"wp-image-14654\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-4-1024x213.png 1024w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-4-300x62.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-4-768x160.png 768w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-4-1536x319.png 1536w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-4-2048x426.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Now that you have an external\/public IP address for the Azure AD DS, go ahead and add an A record in your DNS to map a hostname to it. Ensure the hostname is in the same domain as the Azure AD DS. For example, a DNS hostname such as ldaps.azure.&lt;company&gt;.com is in the managed domain azure.&lt;company&gt;.com. The hostname will also match the wildcard entry in the SSL certificate you set up earlier for the Azure AD DS secure LDAP.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Step 6: Open LDAPS port in the inbound security rules<\/h4>\n\n\n\n<p class=\"note\">First, obtain the IP address of the Zoom Server that will connect with Azure AD DS over LDAPS port 636. You can get that by doing a ping or DNS lookup on the Zoom DAM\/MAM server DNS hostname. <\/p>\n\n\n\n<p>Add an entry for port 636 (LDAPS) in the Azure network security group attached to your Azure AD DS tenant:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"284\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-5-1024x284.png\" alt=\"\" class=\"wp-image-14655\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-5-1024x284.png 1024w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-5-300x83.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-5-768x213.png 768w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-5-1536x426.png 1536w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-5-2048x567.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p> In the inbound rules, ensure only the allowed IP addresses are specified:<br><\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-7-1024x465.png\" alt=\"\" class=\"wp-image-14657\" width=\"512\" height=\"233\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-7-1024x465.png 1024w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-7-300x136.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-7-768x349.png 768w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-7.png 1066w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p class=\"warning\">Under no circumstances should you have a <em>wildcard<\/em> or allow <em>Any<\/em> entry in the <em>Source<\/em> field of the above rule. You do not want to open your LDAPS port to anyone to access.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Step 7: Test LDAPS connectivity from outside Azure<\/h4>\n\n\n\n<p>From a workstation or a server that is on the allowed IP list, validate if you can connect to the LDAPS port 636. You can use tools like netcat, telnet etc to check that.<\/p>\n\n\n\n<p>Next use an <strong>LDAP test client<\/strong> such as <em>Microsoft Ldp<\/em> tool or open source <em>Apache Directory Studio<\/em> to test authentication with your Azure AD DS:<\/p>\n\n\n\n<div class=\"wp-block-media-text alignwide is-stacked-on-mobile\" style=\"grid-template-columns:26% auto\"><figure class=\"wp-block-media-text__media\"><img loading=\"lazy\" decoding=\"async\" width=\"636\" height=\"274\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-14.png\" alt=\"\" class=\"wp-image-14667\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-14.png 636w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-14-300x129.png 300w\" sizes=\"auto, (max-width: 636px) 100vw, 636px\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-15.png\" alt=\"\" class=\"wp-image-14668\" width=\"287\" height=\"177\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-15.png 574w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-15-300x185.png 300w\" sizes=\"auto, (max-width: 287px) 100vw, 287px\" \/><\/figure>\n\n\n\n<p><\/p>\n<\/div><\/div>\n\n\n\n<p> <\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-13-1024x409.png\" alt=\"\" class=\"wp-image-14666\" width=\"768\" height=\"307\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-13-1024x409.png 1024w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-13-300x120.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-13-768x307.png 768w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-13-1536x613.png 1536w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-13.png 1818w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Step 8: Gather the LDAP settings from Azure AD DS<\/h4>\n\n\n\n<p>In order to configure the Zoom LDAP connector, gather the following from your <strong>LDAP test client<\/strong> connected to you Azure AD DS tenant:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Base DN<\/strong>: This is typically the domain name specified in X.500 directory standard. For e.g. <em>DC=azure,DC=evolphin,DC=com<\/em><\/li><li><strong>Username attribute<\/strong>: Typically, <em>sAMAccountName<\/em> derived from the mail prefix in the <em>userPrincipalName<\/em><\/li><li><strong>Bind user&#8217;s DN<\/strong>: The DN of a service user that will be used to authenticate with Azure AD DS. For e.g. <em>CN=Service AAD-DS,OU=AADDC Users,DC=azure,DC=evolphin,DC=com<\/em><\/li><li><strong>Bind password<\/strong>: The password of the above user account<\/li><li><strong>Zoom Filter group&#8217;s DN<\/strong>: This is the DN of the filter group created in step 1 of this article. For e.g. <em>CN=Zoom Filter Group,OU=AADDC Users,DC=azure,DC=evolphin,DC=com<\/em><\/li><\/ol>\n\n\n\n<p>Share these settings <strong><span class=\"has-inline-color has-vivid-red-color\">securely (encrypted document or via a password manager)<\/span><\/strong> with you Zoom Server Admin. They can configure and validate the LDAPS connection from your Zoom Server.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Step 9: Validate login using Azure AD credentials from Zoom<\/h4>\n\n\n\n<p>Confirm if you can log in using your Azure AD credentials from a Zoom application such as the Web Client, desktop app, creative app plugins, etc. Once this is done, you can <a href=\"https:\/\/evolphin.com\/help\/administration-server\/security\/openid-connect\/configuring-openid-connect-oidc-integration-with-azure-ad\/\" target=\"_blank\" rel=\"noreferrer noopener\">optionally configure SSO (Single Sign-On) using Azure AD<\/a> or a supported OpenID Connect provider. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-16-1024x802.png\" alt=\"\" class=\"wp-image-14669\" width=\"512\" height=\"401\" srcset=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-16-1024x802.png 1024w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-16-300x235.png 300w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-16-768x601.png 768w, https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-16.png 1326w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>The set up is now complete. You can move onto <a href=\"https:\/\/evolphin.com\/help\/administration-server\/security\/openid-connect\/configuring-openid-connect-oidc-integration-with-azure-ad\/\" target=\"_blank\" rel=\"noreferrer noopener\">SSO setup<\/a> now.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>User accounts, group memberships, and credential hashes can be synchronized one way from Azure AD (AAD) to Azure AD Domain Services (Azure AD DS or AAD DS). Azure AD DS integrates with your existing Azure AD tenant, which makes it possible for users to sign in using their existing credentials. Azure AD DS replicates identity [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[170,172],"tags":[176,177,175,173,174],"class_list":["post-14646","post","type-post","status-publish","format-standard","hentry","category-ldap","category-openid-connect","tag-azure-ad","tag-azure-ad-ds","tag-ldap","tag-oidc","tag-openid-connect"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Connecting to Azure AD using Zoom LDAP Connector - Evolphin Documentation<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Connecting to Azure AD using Zoom LDAP Connector - Evolphin Documentation\" \/>\n<meta property=\"og:description\" content=\"User accounts, group memberships, and credential hashes can be synchronized one way from Azure AD (AAD) to Azure AD Domain Services (Azure AD DS or AAD DS). Azure AD DS integrates with your existing Azure AD tenant, which makes it possible for users to sign in using their existing credentials. Azure AD DS replicates identity [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/\" \/>\n<meta property=\"og:site_name\" content=\"Evolphin Documentation\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-16T21:51:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-19T19:55:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png\" \/>\n<meta name=\"author\" content=\"1brahul\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"1brahul\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/\"},\"author\":{\"name\":\"1brahul\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#\\\/schema\\\/person\\\/8b5cffe613e8f54d3ab8f90586b1c67c\"},\"headline\":\"Connecting to Azure AD using Zoom LDAP Connector\",\"datePublished\":\"2020-05-16T21:51:04+00:00\",\"dateModified\":\"2020-05-19T19:55:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/\"},\"wordCount\":1352,\"publisher\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/evolphin.com\\\/help\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/image-1.png\",\"keywords\":[\"Azure AD\",\"Azure AD DS\",\"LDAP\",\"OIDC\",\"OpenID Connect\"],\"articleSection\":[\"LDAP\",\"OpenID Connect\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/\",\"url\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/\",\"name\":\"Connecting to Azure AD using Zoom LDAP Connector - Evolphin Documentation\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/evolphin.com\\\/help\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/image-1.png\",\"datePublished\":\"2020-05-16T21:51:04+00:00\",\"dateModified\":\"2020-05-19T19:55:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#primaryimage\",\"url\":\"https:\\\/\\\/evolphin.com\\\/help\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/image-1.png\",\"contentUrl\":\"https:\\\/\\\/evolphin.com\\\/help\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/image-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/administration-server\\\/ldap\\\/connecting-to-azure-ad-using-zoom-ldap-connector\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/evolphin.com\\\/help\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Connecting to Azure AD using Zoom LDAP Connector\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#website\",\"url\":\"https:\\\/\\\/evolphin.com\\\/help\\\/\",\"name\":\"Evolphin Documentation\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/evolphin.com\\\/help\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#organization\",\"name\":\"Evolphin Documentation\",\"url\":\"https:\\\/\\\/evolphin.com\\\/help\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/evolphin.com\\\/help\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/cropped-evolphin-logo-dolphin_sm.png\",\"contentUrl\":\"https:\\\/\\\/evolphin.com\\\/help\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/cropped-evolphin-logo-dolphin_sm.png\",\"width\":200,\"height\":200,\"caption\":\"Evolphin Documentation\"},\"image\":{\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/evolphin.com\\\/help\\\/#\\\/schema\\\/person\\\/8b5cffe613e8f54d3ab8f90586b1c67c\",\"name\":\"1brahul\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/957435f1f34e1495e468d032430344b4016e41f4ec2ffe06c752af7c5c090198?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/957435f1f34e1495e468d032430344b4016e41f4ec2ffe06c752af7c5c090198?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/957435f1f34e1495e468d032430344b4016e41f4ec2ffe06c752af7c5c090198?s=96&d=mm&r=g\",\"caption\":\"1brahul\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Connecting to Azure AD using Zoom LDAP Connector - Evolphin Documentation","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/","og_locale":"en_US","og_type":"article","og_title":"Connecting to Azure AD using Zoom LDAP Connector - Evolphin Documentation","og_description":"User accounts, group memberships, and credential hashes can be synchronized one way from Azure AD (AAD) to Azure AD Domain Services (Azure AD DS or AAD DS). Azure AD DS integrates with your existing Azure AD tenant, which makes it possible for users to sign in using their existing credentials. Azure AD DS replicates identity [&hellip;]","og_url":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/","og_site_name":"Evolphin Documentation","article_published_time":"2020-05-16T21:51:04+00:00","article_modified_time":"2020-05-19T19:55:46+00:00","og_image":[{"url":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png","type":"","width":"","height":""}],"author":"1brahul","twitter_card":"summary_large_image","twitter_misc":{"Written by":"1brahul","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#article","isPartOf":{"@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/"},"author":{"name":"1brahul","@id":"https:\/\/evolphin.com\/help\/#\/schema\/person\/8b5cffe613e8f54d3ab8f90586b1c67c"},"headline":"Connecting to Azure AD using Zoom LDAP Connector","datePublished":"2020-05-16T21:51:04+00:00","dateModified":"2020-05-19T19:55:46+00:00","mainEntityOfPage":{"@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/"},"wordCount":1352,"publisher":{"@id":"https:\/\/evolphin.com\/help\/#organization"},"image":{"@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#primaryimage"},"thumbnailUrl":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png","keywords":["Azure AD","Azure AD DS","LDAP","OIDC","OpenID Connect"],"articleSection":["LDAP","OpenID Connect"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/","url":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/","name":"Connecting to Azure AD using Zoom LDAP Connector - Evolphin Documentation","isPartOf":{"@id":"https:\/\/evolphin.com\/help\/#website"},"primaryImageOfPage":{"@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#primaryimage"},"image":{"@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#primaryimage"},"thumbnailUrl":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png","datePublished":"2020-05-16T21:51:04+00:00","dateModified":"2020-05-19T19:55:46+00:00","breadcrumb":{"@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#primaryimage","url":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png","contentUrl":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/05\/image-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/evolphin.com\/help\/administration-server\/ldap\/connecting-to-azure-ad-using-zoom-ldap-connector\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/evolphin.com\/help\/"},{"@type":"ListItem","position":2,"name":"Connecting to Azure AD using Zoom LDAP Connector"}]},{"@type":"WebSite","@id":"https:\/\/evolphin.com\/help\/#website","url":"https:\/\/evolphin.com\/help\/","name":"Evolphin Documentation","description":"","publisher":{"@id":"https:\/\/evolphin.com\/help\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/evolphin.com\/help\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/evolphin.com\/help\/#organization","name":"Evolphin Documentation","url":"https:\/\/evolphin.com\/help\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/evolphin.com\/help\/#\/schema\/logo\/image\/","url":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/04\/cropped-evolphin-logo-dolphin_sm.png","contentUrl":"https:\/\/evolphin.com\/help\/wp-content\/uploads\/2020\/04\/cropped-evolphin-logo-dolphin_sm.png","width":200,"height":200,"caption":"Evolphin Documentation"},"image":{"@id":"https:\/\/evolphin.com\/help\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/evolphin.com\/help\/#\/schema\/person\/8b5cffe613e8f54d3ab8f90586b1c67c","name":"1brahul","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/957435f1f34e1495e468d032430344b4016e41f4ec2ffe06c752af7c5c090198?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/957435f1f34e1495e468d032430344b4016e41f4ec2ffe06c752af7c5c090198?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/957435f1f34e1495e468d032430344b4016e41f4ec2ffe06c752af7c5c090198?s=96&d=mm&r=g","caption":"1brahul"}}]}},"_links":{"self":[{"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/posts\/14646","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/comments?post=14646"}],"version-history":[{"count":18,"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/posts\/14646\/revisions"}],"predecessor-version":[{"id":15773,"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/posts\/14646\/revisions\/15773"}],"wp:attachment":[{"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/media?parent=14646"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/categories?post=14646"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/evolphin.com\/help\/wp-json\/wp\/v2\/tags?post=14646"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}