We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Content Shield

Microsoft Azure Active Directory Support for Single Sign-On

  • Last updated on

Microsoft Azure Active Directory (Azure AD) enables single sign-on/authentication for devices, apps, and services for users located almost anywhere. If you want to synchronize Barracuda Content Shield users with your Azure AD instead of with your local LDAP/AD, follow the steps in this article. Barracuda supports associating device identities with Azure AD using the Hybrid Azure AD (Hybrid AAD) join method for federated domains.  

This article assumes that the Hybrid Azure AD join has already been set up and configured. In order for the Barracuda Web Filtering Component (WFC) agent to identify users and sync relevant policies at the endpoint, Azure AD needs to be configured on Barracuda Cloud Control (BCC). To do so, follow these steps:

Step 1. Log into your BCC account and click Add Directory, and then select Azure Active Directory. A pop-up window opens as shown below:

Create Directory Azure.png

Step 2. Enter the relevant directory name and click Connect to Microsoft. You will be redirected to log in with your Microsoft account. After logging in, you should see the following screen to grant access permissions to Barracuda Networks. Click Accept.

Azure AD Permissions.png

After the Azure AD has been added on BCC, it will show up in the Directories section of your BCC account page.

AzureAD Directories.png

Step 3. After the automatic Sync is completed, you will see a Success message with the time of the last sync. Click VIEW GROUPS to verify if the Groups have synchronized successfully as shown below:

Azure AD LDAP Groups page.png

Step 4. Make sure that the Barracuda WFC is able to detect Users/Groups and apply relevant policies at the endpoint. To do this, log in as an LDAP user from the client PC, which is joined to the on-premise AD and verify that user-specific (if configured) policies are applied. You should be able to see the user traffic on the WEB FILTERING LOGS page in the Barracuda Content Shield service.

To finalize the Hybrid AAD Connect setup, follow the additional steps described here: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-hybrid-azure-ad-join-post-config-tasks.

For details on how to setup the Hybrid Azure AD join, see Microsoft documentation at https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan .

Last updated on