[Add Tenant] Screen

This screen is displayed by clicking [Add] > [Individual Client Secret] on the [Microsoft Entra ID Linkage] screen.

Select the item to edit from the side menu.

[Microsoft Entra ID Connection Settings]

image

[Tenant ID]

Enter the same information as that in [Directory (tenant) ID] on the destination Microsoft Entra ID tenant for synchronization. This cannot be changed on the [Tenant Properties] screen.

[Authentication Method]

Displays the setup method specified when adding the tenant.

[Client ID]

Enter the application (client ID) added on the destination Microsoft Entra ID tenant for synchronization.

  • [Client ID] is displayed when [Authentication Method] is set to [Individual Client Secret].

[Client Secret]

Enter the client secret issued on the destination Microsoft Entra ID tenant for synchronization. This cannot be changed on the [Tenant Properties] screen.

  • [Client Secret] is displayed when [Authentication Method] is set to [Individual Client Secret].

[Basic User Attribute]

image

[User ID Attribute]

Specifies the Entra ID attribute to use as the user ID.

This is normally set to "userPrincipalName".

[Omit Domain Name]

Configures whether to emit the string after the @ symbol when synchronizing the attribute specified in [User ID Attribute] with Device Management.

If this setting is enabled and the user ID in Entra ID is "user001@example.com", then the user ID synchronized with Device Management will be "user001".

[User Name Attribute]

Specifies the Entra ID attribute to use as the user name (display name).

This is normally set to "displayName".

[Accounting Label Attribute]

image

[Accounting Label 1-3 Sync] and [Accounting Label 1-3 Attribute]

Accounting labels can be used to perform accounting by department, etc.

When performing accounting by department, specify the method for associating users and departments from the items below.

[Disabled]

Select this to not use an accounting label.

[Specify Attribute Name]

Specify [Specify Attribute Name] to associate the setting values of the Entra ID user with the accounting labels of the target user. For example, you can enter "department" in [Accounting Label Attribute] to use the department value set for the Entra ID user in accounting.

[Fixed Value]

Specify [Fixed Value] to associate the value entered in [Accounting Label Attribute] with all the users retrieved from Entra ID.

Use [Fixed Value] when multiple instances of Entra ID exist in the destination for synchronization and are separated by department.

[Device Update Settings]

image

[Setting Group]

Select the setting group that the Entra ID user belongs to.

[Length of Initial Password]

Specifies the number of digits for the initial password used for local device authentication, either zero or a number between four and 12.

When a number four or greater is specified, the a different password is generated for each user. The generated password can be checked in the user information file downloaded by clicking [CSV Download] on the [List of Registered Users] screen.

[E-mail Address Attribute]

Specifies the Entra ID attribute to use as the e-mail address of the user.

This is normally set to "userPrincipalName".

It may be set to "mail", depending on the configuration of Entra ID.

[Card ID Attribute]

Specifies the Entra ID attribute to use as the IC card ID of the user.

[Extension Settings]

image

[Query Filter]

If there are users in Entra ID that you do not want to register to Device Management, you can configure [Query Filter] to remove certain users from synchronization.

If this is blank, all users are synchronized.