AzureAD-LDAP-wrapper

1.1 Register an application with the Microsoft identity platform

Prerequisites

To register an application with the Microsoft identity platform, you need:

Register an application with the Microsoft identity platform

Register a new application in the Microsoft Entra Admin Center. More details can be found here.

  • Sign-in to the Microsoft Entra Admin Center.
  • Browse to Identity > Applications > App registrations
  • Select New registration.
  • Name the application, for example “ldap-wrapper”.
  • Select a supported account type, which determines who can use the application.
    Important: Personal Microsoft accounts are not supported.
  • Under Redirect URI, select nothing and keep it empty.
  • Select Register.

Set permissions

  • Set the following Microsoft Graph API permissions:
    For type Application allow User.Read.All and Group.Read.All (the wrapper reads the directory with these).
    For type Delegated allow User.Read (used when a user's own credentials are checked).

  • Click “Grant admin consent”. The status of every permission should read “Granted for <your tenant>”.
    If an entry still shows “Not granted for”, click “Grant admin consent” again.

  • Set Allow public client flows to Yes.
    This enables the Resource Owner Password Credentials (ROPC) flow, which the wrapper uses to verify a user's password against Entra. ROPC cannot complete MFA or Conditional Access prompts, so accounts that are required to use MFA cannot sign in through the wrapper.

Get TenantId, AppId and AppSecret

Copy and save these values for later use as environment variables in the Docker container:

  • AZURE_TENANTID: Directory (tenant) ID from the “Overview” page.
  • AZURE_APP_ID: Application (client) ID from the “Overview” page.
  • AZURE_APP_SECRET: Value of a new client secret from the “Certificates & secrets” page.
    The secret value is shown only once, directly after creation, and has an expiry date; copy it immediately, treat it like a password, and note the expiry so the wrapper does not stop working silently.

Use TenantId, AppId and AppSecret in your wrapper

Use a docker container or any other method to run the LDAP-wrapper and start it with the previously saved environment variables.
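Before starting the wrapper, it is worth confirming that the registration actually works. The script below is an added example, not part of the AzureAD-LDAP-wrapper project: it reads the three environment variables named above, requests a client-credentials token from the tenant, and checks that the token's roles claim carries User.Read.All and Group.Read.All (application permissions only appear there once admin consent has been granted). Optionally it also performs an ROPC sign-in to confirm that public client flows are enabled. The variable names TEST_USER and TEST_PASSWORD are assumptions introduced here; the token endpoint and claim names are standard Entra ID behaviour.

```python
"""Sanity-check an Entra app registration for AzureAD-LDAP-wrapper.

Added example (not project code). Uses only the standard library.
"""
import base64
import json
import os
import sys
import urllib.error
import urllib.parse
import urllib.request

AUTHORITY = "https://login.microsoftonline.com"
# Application permissions the wrapper needs, as listed on this page.
REQUIRED_ROLES = {"User.Read.All", "Group.Read.All"}


def token_endpoint(tenant_id: str) -> str:
    """v2.0 token endpoint of the tenant."""
    return f"{AUTHORITY}/{tenant_id}/oauth2/v2.0/token"


def decode_jwt_payload(token: str) -> dict:
    """Decode the payload of a JWT WITHOUT verifying the signature.

    Acceptable here because we only inspect a token we just received from
    the issuer over TLS; never use this to make trust decisions.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def missing_roles(claims: dict) -> set:
    """Admin-consented application permissions show up in the 'roles' claim
    of a client-credentials token; an absent claim means consent is missing."""
    return REQUIRED_ROLES - set(claims.get("roles", []))


def post_form(url: str, fields: dict) -> dict:
    """POST form data and return the JSON body, also for 4xx error responses."""
    data = urllib.parse.urlencode(fields).encode()
    req = urllib.request.Request(url, data=data, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        return json.load(err)  # Entra returns {"error": ..., "error_description": ...}


def client_credentials_token(tenant: str, app_id: str, secret: str) -> dict:
    """Confidential-client flow: what the wrapper uses to read users/groups."""
    return post_form(token_endpoint(tenant), {
        "client_id": app_id,
        "client_secret": secret,
        "scope": "https://graph.microsoft.com/.default",
        "grant_type": "client_credentials",
    })


def ropc_token(tenant: str, app_id: str, username: str, password: str) -> dict:
    """ROPC flow, sent without a client secret: this only succeeds when
    'Allow public client flows' is Yes and the account has no MFA requirement."""
    return post_form(token_endpoint(tenant), {
        "client_id": app_id,
        "scope": "https://graph.microsoft.com/User.Read",
        "username": username,
        "password": password,
        "grant_type": "password",
    })


def main() -> int:
    tenant = os.environ["AZURE_TENANTID"]
    app_id = os.environ["AZURE_APP_ID"]
    secret = os.environ["AZURE_APP_SECRET"]

    res = client_credentials_token(tenant, app_id, secret)
    if "access_token" not in res:
        print("app token request failed:", res.get("error"), res.get("error_description"))
        return 1
    missing = missing_roles(decode_jwt_payload(res["access_token"]))
    if missing:
        print("admin consent missing for:", ", ".join(sorted(missing)))
        return 1
    print("application permissions OK")

    # Assumed variable names for an optional end-user password check.
    user, pw = os.environ.get("TEST_USER"), os.environ.get("TEST_PASSWORD")
    if user and pw:
        res = ropc_token(tenant, app_id, user, pw)
        if "access_token" not in res:
            print("ROPC sign-in failed:", res.get("error"), res.get("error_description"))
            return 1
        print("ROPC sign-in OK (public client flows enabled)")
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

Run it with the same environment the container will receive, for example `AZURE_TENANTID=... AZURE_APP_ID=... AZURE_APP_SECRET=... python3 check_registration.py`. A failing roles check points at the “Grant admin consent” step, a failing ROPC check at “Allow public client flows” or at an account that requires MFA.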