The Azure Active Directory Connector allows you to provision WiFi access to your employees with a zero-touch experience.
How does it work
The connector pulls your Active Directory users (either all of them or only Members of a Group), creates a WiFi user on your Cloud4Wi account, and sends an invitation email to the users with their dedicated WiFi credentials and setup instructions.
The WiFi credentials can be used on a standard Cloud4Wi Splash Page with an authentication form, or to configure an 802.1x client to access the network via a dedicated WPA2-Enterprise SSID.
The connector also detects when a user is removed from the AD (or from a group) and automatically disables the related WIFi user in the Cloud4Wi account.
Prerequisites
- You need an active Cloud4Wi account with a Splash subscription
- You need an Azure Active Directory account.
- If you want to use WPA2-Enterprise authentication, you need to set up your network with a proper configuration that depends on the WiFi vendor you use (see an example here for Cisco Meraki)
Setup
1. Create a dedicated Location in your Cloud4Wi account
From your Cloud4Wi Dashboard, create a dedicated Location. All users will be associated with this Location. If you want to allow the user to use the WiFi service in the other locations, select the value "Organization" for the "Identity Domain" parameter.
All the users will be provisioned with the Internet Plan configured as Default Internet Plan in the Location, so make sure to assign a policy aligned with your use case (for Employee access, we advise to use the default Unlimited plan)
2. (Optionally) Create an Active Directory Group
If you want to provision the WiFi service only to a group of your AD users, you can create a Group and assign Members to this group. You can choose either a Security or Microsoft 365 group. More info on this article.
Save the Group ID from the Azure interface. You'll need this later to finalize the setup.
3. Install the Connector
Form the Connector Marketplace, install the Azure AD Connector.
On the first step, click on the button "+ Connect your Azure Active Directory" and log in with your Azure AD credentials in the popup.
On the setup page, you need to:
- Enter (optionally) the Group ID created in the previous step. Leave it empty if you want to sync all users. You can add multiple groups by separating them by commas ",".
- Select from the menu the Cloud4Wi Location to be used to sync the users
That's it!
The connector will automatically start running once the installation is finalized.
All existing users will receive an email (to the email address associated with their AD account) including their WiFi credentials and the link to the step-by-step instructions for configuring their device.
Once a day, the connector will check for new members or members that have been removed from the AD.
FAQ
1. Can I personalize the invitation email?
Yes, contact our team for further instructions.
2. Are the WiFi credentials the same as the AD account?
No. For security reasons, the credentials for the WiFi access are different from the user's AD credentials. The connector uses the AD APIs to retrieve users' data and never manage personal credentials
3. Can I check the log of my users' connections?
Yes, you can login into the Cloud4Wi Dashboard, search a Contact via name and inspect all its past connections.