This website uses cookies. By clicking OK, you consent to the use of cookies. Read our cookie policy.
Accept
Reject
Community

Azure Sync plugin details

mon
Level 1
‎10-05-2021 02:09 AM
Azure Sync plugin details

Please provide in-detail documentation or articles about Azure Sync plugin (https://www.dataiku.com/product/plugins/azure-ad-sync/) regarding the table, how it interacts with Azure AD, if it is an wrapper for DSS SSO (https://doc.dataiku.com/dss/latest/security/sso.html#users-database).

  1. In a DSS project, create a table containing the following columns:
    • dss_group_name
    • aad_group_name,
    • dss_profile
  2. For each row, give the name of the group on AAD, its equivalent group name on DSS, and the user profile you which to associate to this group. The profile can take the following values: DATA_SCIENTIST, DATA_ANALYST, EXPLORER or READER
  3. A second dataset can be created for logging purpose. This dataset should contain the following columns
    • date
    • user
    • type
    • message
  4. In the DSS project containing the group dataset, go to the macro menu and select Synchronize Azure AD Users with DSS. Select the Azure AD connection created in step 2 of the set up phase,  and point Group dataset and Save logging into toward the correct datasets.
  5. First make sure Simulate is selected, and press Run Macro. A list of the operation to be performed should appear.
  6. Once you are happy with the synchronization operation to be performed, unselect Simulate and run the macro.

Github (https://github.com/dataiku/dss-plugin-azure-ad-sync) does not have details.

Thanks for the assistance.

0 Kudos
Reply
1 Reply
AlexT
Dataiker
‎10-15-2021 06:23 PM

Hi @mon,

Thanks for your feedback. Could you please elaborate a bit on where you need additional details or what is unclear from the current documentation? 

The plugin is meant to compliment SSO by allowing you to define and synchronize DSS Groups with AAD Groups. 

As explained here: https://doc.dataiku.com/dss/latest/security/sso.html#users-database the user database still needs to be updated even with SSO hence the purpose of the Azure Sync plugin is to help automate this synchronization. 

At a high level to set up, you need to create 2 datasets with the following

1) dss_group_name,aad_group_name,dss_profile

2) date,user,type, message

You can create these as wish directly .csv files and import them into DSS or use editable datasets in DSS.

Screenshot 2021-10-15 at 17.19.43.png

Then run the Macro and of course once you are happy you can create a scenario to re-run this on your desired schedule. 

Screenshot 2021-10-15 at 17.06.59.png

Thanks,

0 Kudos
Reply
A banner prompting to get Dataiku
Didn't Find What You Needed?

Post a Question

Help me …
… ask a question … search for an answer … learn to use the Community