Home > Forum > Actions > Active Directory Actions Configuration Error in WEBCON BPS with AAD

Active Directory Actions Configuration Error in WEBCON BPS with AAD
3

Hello Community,

I’m reaching out for help with an issue we encountered while integrating WEBCON BPS with AAD. In this instance of WEBCON BPS, we’re using Azure Active Directory for both authentication and user list synchronization.

Our goal is to manage AAD directly from WEBCON BPS. According to the documentation, we need to enable Active Directory Actions Configuration. However, regardless of how we enter the user credentials, we encounter the following error:
“You have entered invalid user credentials.”
The user we’re using has been granted the necessary privileges for managing users in AAD (users.administrator).

The documentation I referred to:
https://docs.webcon.com/docs/2024R1/Studio/Action/AD/Action_ActiveDirector0
https://docs.webcon.com/docs/2024R1/Studio/SystemSettings/GlobalParams/SystemSettings_ActiveDirectory

Version: WEBCON 2024.1.1.13.

I would be grateful for your assistance in solving this problem 🙏

MVP

Hello Michał,

as far as I can tell you are mixing different things.

The actions are for managing Active Directory accounts and not Azure Active Directory (Microsoft Entra ID) accounts.

It would probably be possible to do so using the Graph API but there are no dedicated actions you can use for this.
https://learn.microsoft.com/en-us/graph/api/user-post-users

If you still have a local Active directory, which is synchronized to Azure, than you could use the actions, but this would require, that WEBCON is run in the same domain or at least can contact the domain.

Best regards,
Daniel

MVP
In reply to: Michał Borzdyński

Hi Daniel, thanks for your response!

If the action is intended solely for Windows Active Directory, I’m wondering why the documentation says:

"The action is used to create and edit domain users in AZURE Active Directory".

It would be quite misleading.

https://docs.webcon.com/docs/2024R1/Studio/Action/AD/Action_ActiveDirector0

Hi,
I have used these actions to modify AD, whether they should also work in the context of AAD I have no knowledge, if the documentation says so , this may or may not be true ;)

Based on the message received, I would start by verifying this. Try to run, for example, a web browser as a different user with those credentials.

Greetings.

Hi folks,

I just found this article (in Polish): https://kb.webcon.pl/integracja-z-aad-przy-pomocy-akcji-wywolania-rest-oraz-microsoft-graph/

The article states: "In the case of implementing a system based on AAD authentication, it may be necessary to manage users directly in O365 from within WEBCON BPS. BPS provides dedicated actions for local AD. For AAD, we can use standard actions available in BPS (REST call action) and the Microsoft Graph REST Service."

It seems there's an error in the documentation, and as Daniel mentioned, these actions are indeed only for Active Directory. I’ll proceed with Microsoft Graph instead.

Thank you all for your assistance!

In reply to: Daniel Krüger (Cosmo Consult)

Hello Michał,

thanks for referencing the blog post. :)

Best regards,
Daniel

Hi,

I have postet such a problem last year:
https://community.webcon.com/forum/thread/4037/33

We have a partial Hybrid AD-AAD and when a User is syncronized to AAD Webcon coudn´t get access to Useraccount to manage the account.
When the User is only in AD then it woks fine.

Its a big black hole from Webcon. There is to be some work to do, because of Microsofts future therms to sell only Cloud Services.....

Best regards,
Andreas