Pre-requisites:
An Azure AD Administrator Account to grant the necessary permissions to the application to authenticate with AAD.
A Service account or a user account for the bulk token enrollment process of VMs
New Control Account
Steps:
After a new Control Account is created and verified, the user can log in to the account with the initial account created during the setup.
The Administrator would see the below screen where he/she must choose the type (AAD or Active Directory).
Full AAD: If the control account is configured with this option, both the Workspot Client and the Desktop Authentication should happen using the AAD credentials.
Active Directory: If this is chosen, then the account can be configured to use AAD or AD for Client Authentication but can only be configured to use AD for Desktop Authentication.
We shall go ahead and enable the “Azure Active Directory” radio button and Click on the Request Permissions button.
A new window will appear, with the details and the list of the permissions required. Please go through and Click on Continue.
A new Window will appear asking to provide the AAD Admin credentials.
Once the credentials are provided, the below screen will appear asking you to review the permissions that you are about to grant to the application.
After reviewing, click on Accept.
Once the process is complete you will be successfully signed out of the AAD account.
On the control page, you can now see that the permissions are granted for Control
Click on the “Use Bulk Token Refresh” radio button
If you wish to Enter the bulk token credentials directly then Click on “Enter Credentials” and provide the credentials in the fields below
If you have secured the credentials in Azure Key Vault, you can choose that option from below and provide the path for it to be retrieved from the key vault.
Once the credentials are provided, you can click on “Check Account and Save.”
If everything goes well, you will see the status as “Verified.”
