Skip to content
Contact Support
  • There are no suggestions because the search field is empty.

User Sync & Email Notification Setup Guide (Azure AD / LDAP)

This article provides a consolidated guide for configuring User Synchronization—either via Azure (Entra ID) or LDAP—and completing the Email Notification (SMTP) setup in IC 3.0.

 

1. Azure (Entra ID) Sync Setup

Follow these steps if you want to sync users from Azure/Entra ID.

1.1 Create the Azure Application Registration

  1. Sign in to the Azure Admin Portal: https://portal.azure.com/
  2. Go to App registrationsNew registration.
  3. Enter a name (e.g., IC3 Azure Sync).
  4. Under Redirect URI, choose Web.
  5. Enter your redirect URI.
    Example for IC3:
    • Site: https://IC3.intranetconnections.com
    • Redirect URI: https://IC3-api.intranetconnections.com/signin-oidc
  6. Select Register.

After registering, Azure will display Client ID and Tenant ID—save these for later.

1.2 Create Client Secret

  1. Open Certificates & Secrets.
  2. Select + New Client Secret.
  3. Enter a description → choose 730 days (24 months) → click Add.
  4. Copy its Value immediately (you cannot retrieve it later).

1.3 Add Microsoft Graph API Permissions

Go to API Permissions+ Add a permissionMicrosoft Graph and add all required permissions.
Then click Grant admin consent to apply them.

Required Permissions:

1.4 Configure Azure Sync in IC3

  1. Log in to your IC 3.0 site.
  2. Go to Admin Mode → Security & Permissions → Login Authentication.
  3. Edit Azure Single Sign-On.
  4. Enable Azure SSO as a login provider.
  5. Enter your:
    • Client ID
    • Tenant ID
    • Client Secret
  6. Select Test ConnectionConfirm.

1.5 Finalize Azure User Sync

  1. Click + Manage Sync.
  2. Select Add Connection → choose Azure.
  3. Under Sync from Group, select the Azure AD group you want to sync with.
  4. Click Save.
  5. Go to System Config → Task Manager.
  6. Run Azure User Sync Task.
  7. Restart IIS to apply changes.
  8. Test Azure SSO login.

2. LDAP Sync Setup

Follow these steps if your organization syncs users through Windows LDAP instead of Azure.

2.1 Configure LDAP Authentication

  1. Log in to your IC 3.0 site.
  2. Go to Admin Mode → Security & Permissions → Login Authentication.
  3. Edit Windows Authentication.
  4. Enable Windows Authentication as a login provider.
  5. Fill required LDAP fields → select Test Connection.

2.2 Setup LDAP Sync

  1. Click + Manage Sync.
  2. Select Add Connection → choose Windows LDAP.
  3. Under Sync from Group*, click + Add Group and select the LDAP group.
  4. Map required fields → click Save.

2.3 Required IIS Configuration

  1. In IIS, go to Sites → select your IC3 site → click Authentication.
  2. Enable Windows Authentication.
  3. Repeat for SITE-API.
  4. Restart IIS.

2.4 Verify LDAP Sync

  1. Log back into IC3 → Admin Mode → Security & Permissions → Login.
  2. Wait for sync to finish (may take a few minutes).
  3. Log out and test a Windows Authentication login.

3. Email Notification (SMTP) Setup

3.1 Configure SMTP

Once your authentication (Azure or LDAP) is working:

  1. Go to Admin Mode → System Config → Email Setup → SMTP.
  2. Enter your SMTP server details.
  3. Click Save.
  4. Select Send Me Test Email > Note: Test emails only send when you are logged into your own user account.

Special Requirement for Azure Sync

  • The sender email address must belong to a synced Entra ID user; otherwise, Azure will reject the message.

4. Summary

Task LDAP Sync Azure Sync
Identity Provider Windows Authentication Azure AD / Entra ID
Setup Complexity Low–Medium Medium–High
Needed Info LDAP path, domain, groups App Registration, IDs, Secret, Permissions
IIS Changes Needed Yes Yes
Email Requirement Any valid SMTP sender Must be an Entra ID mailbox