Azure Active Directory User/Access Set Up

  • 10 October 2023
  • 3 replies

Userlevel 4

Hello -

Is there an easy way to bring in/import all active directory users? Or do these need to be added one by one from the Users screen? If import is feasible, can we “override AD roles with local roles” at the same time?

Also, I am a bit confused on the AD Group/User Roles set up. Is this essentially redoing all access roles for every user? Is there no way to get the new AD users to default based on their current set up? Not sure what the quickest route is but as of now it’s sounding like I will need to manually tie the same Acumatica username roles to everyone’s AD user account.


Best answer by hkabiri 10 October 2023, 18:05

View original

3 replies

Userlevel 6
Badge +5

@ashleyb as of now there is no way to import all users from UI. However, if the AD integration is enabled through the config file, users can login with their AD user and the User will be automatically added.

However, in order for them to access screens, since Override AD Roles with Local Roles, cannot be checked by defaults and basically system does not know who should get what role, you should map Acumatica Roles with AD Groups which users are member of using User Roles Screen. This way when the user login and get the user created the Acumatica roles automatically being assigned based on the AD user membership and the mapping done on Acumatica.



Userlevel 4

Hi @hkabiri  - So since there are no AD groups currently that line up with the users in the user roles and many of our user access varies, would I need to create an AD group for every user role and would AD groups then define the access for all? So then if we add a user or need to modify a user’s access, we would need to manage this on the group now instead of the user role? We have 94 active user roles in our largest tenant and 5 tenants to apply these updates to, so I am just trying to make sure I am understanding what the best approach should be. 


Thank you!

Userlevel 6
Badge +5

@ashleyb  I cannot comment on how you define your AD Groups or Acumatica Roles. However, normally OUs in AD can be mapped to Acumatica Roles. Like people who work in Finance and AP side are member of OUs in AD and you map these groups to Acumatica User Roles.


About Acumatica ERP system
Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.
© 2008 — 2024  Acumatica, Inc. All rights reserved