Configuring Microsoft Entra ID user search parameters

About this task

Use the User Search section to search for users in Microsoft Entra.

Procedure

Enter the user search information.
User Filter

Specify the Microsoft Entra filter expression to be used for the user search. For example startswith(displayName,'Bob'). The defined expression must filter the results such that only the users that you want are imported to Remote Control. The default value is empty. For more information please refer to https://learn.microsoft.com/en-us/graph/filter-query-parameter.
Note: Some environments have thousands of users. Therefore, it is important to create a filter that imports only the users that you want. To limit the users to only those users who are members of groups that are imported into Remote Control through the Group Filter, you must select User Must be in a Group. If you do not select this property, the users that do not belong to any of the imported Microsoft Entra groups are automatically assigned to the DefaultGroup user group. The search can be further refined by using more complex queries.

User Must be in a Group

Select this option to limit the users that are imported to only those users who are members of groups that are imported into Remote Control through the GroupSearch filter. The default state is not selected.
Note: To import users who do not belong to any Microsoft Entra group, you must deselect the User Must be in a Group check box.
Warning: This action imports all users. You can give permissions to those users only by giving permission to the DefaultGroup (which is the local Remote Control group), where all users are automatically added regardless of their group membership.

Microsoft Entra attributes

Type which user-specific Microsoft Entra attribute names must be used for importing the user details into the corresponding Remote Control user properties.
UserID

The user ID is the Microsoft Entra ID attribute that contains the user ID that is chosen to be mapped to the userID field in Remote Control.
Note: After enabling SAML 2.0 Single sign-on (SSO), Microsoft Entra users can login with their userPrincipalName (for instance user@contoso.onmicrosoft.com. For more information, visit https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/plan-connect-userprincipalname#upn-in-microsoft-entra-id.
For this reason, it is recommended to check the value of the following parameter into the identity_providers.properties file:

entraID.userID=userPrincipalName

UserEmail

The name of the Microsoft Entra attribute that contains the user email address.
Note: User Email must not have a null value. If Microsoft Entra does not contain email information, a different attribute must be used. For example, it can be set to userPrincipalName.

EmployeeID

The name of the Microsoft Entra attribute that contains the user's employee ID.

Forename

The name of the Microsoft Entra attribute that contains the user's name.

Title

The name of the Microsoft Entra attribute entry that contains the user's title.

Surname

The name of the Microsoft Entra attribute that contains the user's surname.

Department

The name of the Microsoft Entra attribute that contains the user's department.

Company

The name of the Microsoft Entra attribute that contains the user's company.

Location

The name of the Microsoft Entra attribute that contains the user's location.

Address

The name of the Microsoft Entra attribute that contains the user's address details.

Country

The name of the Microsoft Entra attribute that contains the user's country.

State

The name of the Microsoft Entra attribute that contains the user's state.

Mobile

The name of the Microsoft Entra attribute that contains the user's mobile number.
Click Test User Search
A message box is displayed with the total number of users that are found as a result of the search.
Click OK
The resulting users are shown in the text box. If Microsoft Entra ID synchronization is enabled, this list of users would be imported. You can click the icon to the left of each user name to see a list of the Microsoft Entra attributes and values that are defined for the user. Click the icon to the right of the user name to display the Remote Control user field values. The user field values are imported into the Remote Control database.

Results

When you have the required user search results, you can save your current configuration by following the steps in Saving your Microsoft Entra configuration.