Who Is This For?

1. Centralize user management in Entra ID
   
2. Automatically import users into CurrentWare
   
3. Keep user accounts and group memberships synchronized
4. Reduce manual user administration and policy errors

What Gets Synced

Supported features

1. Entra ID users
   
2. Entra ID security groups
3. Group-to-CurrentWare group mapping
4. Scheduled synchronization

Prerequisites

Before connecting CurrentWare to Entra ID, you must create an App Registration in Entra ID.

Step 1: Register CurrentWare in Entra ID

1. Sign in to the Microsoft Entra admin center
   
1. Navigate to Azure Active Directory (Entra ID)
2. Register a new application
1. From the left-hand menu, click App registrations
   
2. Click New registration
   
   
3. Enter a name (example: CurrentWare User Sync)
4. Select Single tenant
5. Leave Redirect URI blank
6. Click Register
   

Step 2: Record Required IDs

After registration, note the following values:

• Application (Client) ID
  
• Directory (Tenant) ID
  

These values are required when configuring the connection in CurrentWare.

Step 3: Configure Authentication

CurrentWare supports Client Secret authentication (certificate-based authentication may be added later).

Create a Client Secret

1. In the App Registration, go to Certificates & secrets
   
2. Click New client secret
   
3. Add a description and expiration
   
4. Copy the Secret Value (this is shown only once)
   

Connecting Entra ID to CurrentWare

1. In CurrentWare, go to Tools → Import Users
   
2. Select Action: Entra ID Import & Sync
   
1. Enter the information for the following fields:
   
1. Tenant ID
   
2. Application ID
   
3. Client Secret
   
3. Click Connect
   

Once connected, CurrentWare will validate the credentials and prepare the group selection step.

Selecting Entra ID Groups

After a successful connection:

1. Choose how users will be imported:
   
1. By Entra ID Groups (Administrative Units may be supported in future releases)
   
2. Select one or more Entra ID groups to import
   
3. Review the detected users
   

Only users who belong to the selected groups will be imported into CurrentWare.

Group Mapping & Priority

1. If a user belongs to multiple Entra ID groups, CurrentWare allows you to:
   
1. Map Entra ID groups to CurrentWare groups
   
2. Define group priority using drag-and-drop ordering
   
2. The highest-priority group determines which policies are applied to the user.
   

This interface is the same as the existing Active Directory security group import workflow.

Sync Settings

You can configure synchronization behavior directly in the setup flow:

• Enable or disable synchronization
  
• Set the sync interval
  
• Edit or disconnect the Entra ID connection at any time

When sync is enabled, CurrentWare will:

• Add new users
  
• Update existing users
  
• Reflect group membership changes

Important Notes & Limitations

• Entra ID imports operate with directory-wide read permissions, so careful group selection is recommended
  
• Migrating from local Active Directory to Entra ID may require clearing existing users to avoid duplicates
  
• Users are matched using unique identifiers to prevent conflicts
  
• Operator accounts are not imported in this version
  

Troubleshooting

If the connection fails:

• Verify the Client Secret has not expired
  
• Ensure the correct Tenant ID is being used
  
• Review CurrentWare server logs for detailed error messages - Contact support at support@currentware.com
  

Security Considerations

• Client secrets should be stored securely
  
• Rotate secrets regularly based on your organization’s security policy