Microsoft Integration

NAVIGATION  Admin > Integrations > Microsoft

SECURITY  Manager or Administrator

This integration enables the flow of data from Microsoft directly to IT Glue. Microsoft tenants, users, mailbox information, and more will sync automatically to IT Glue, ensuring accurate and up-to-date data.

Benefits of this integration include the following:

  • Manage the options of your Microsoft asset, including manual syncing and comparing data between IT Glue and Microsoft.
  • Jump from IT Glue to a user list in the tenant portal when you click Manage on a synced contact.
  • Match data between Intune devices and existing IT Glue configurations, allowing you to compare data between IT Glue and Microsoft Intune.
  • View logs related to your integration in the sync logs.

At any time, you can return to the Active Integrations page (Admin > Integrations) to make changes to the integration.

NOTE  This integration supports direct logins to client admin centers, but integrating in this way requires an additional data source and following the steps in this article for each client you wish to integrate.

NOTE  IT Glue syncs with Microsoft every hour. After a new sync between Microsoft and IT Glue is finished, updated data will appear after a 15-minute period.

Microsoft field mappings

Microsoft fields are automatically mapped to IT Glue when you set up the integration. Refer to Microsoft field mappings.

BEFORE YOU BEGIN  Before you set up this integration, thoroughly review your existing contacts in IT Glue and ensure they adhere to the following matching logic. If existing contacts do not exactly match this logic, the integration will create unwanted duplicates.

IT Glue Asset Field in IT Glue Field in Microsoft
Contacts Email 
  1. Attempt match on any alias of the Microsoft user.
  2. Attempt match on the username value (for example, the @onmicrosoft.com domain).
  3. Attempt match on combination of First Name + Last Name.

Prerequisites

  • Manager or Administrator access to IT Glue.
  • Microsoft Cloud Partner certified to offer delegated administration (optional for Intune).
  • Delegated admin permissions (DAP) to each of your clients' Microsoft tenants through your own Microsoft Partner Center rather than direct logins to their admin portals (optional for Intune).

Required for Microsoft 365 only

  • One available data source.
  • Granular delegated admin permissions (GDAP) relationship with Microsoft Entra roles to each of your clients' Microsoft tenants through your own Microsoft Partner Center. (Not applicable to single tenants.) Refer to Microsoft Integration: GDAP.

Features

From the sync settings, this integration supports syncing Microsoft 365 contacts, locations, Entra ID functionality, and licenses from the Microsoft 365 tab as well as Intune devices from the Intune tab. Refer to the following topics to explore the various features offered through this integration, depending on what you choose to sync:

Displaying concealed Microsoft 365 user, group, and site names

You will need to turn off a feature in Microsoft 365 that conceals users, groups, and site names. If you do not turn off this feature, the integration will not be able to retrieve mailbox usage.

To prevent this issue, complete the following steps in the Microsoft 365 admin center.

  1. In the Microsoft 365 admin center, navigate to Settings > Org Settings > Services.
  2. Select Reports.
  3. Clear Display concealed user, group, and site names in all reports, and click Save.

How to...

IMPORTANT  As of January 2024, IT Glue supports GDAP. If configuring GDAP, refer to Microsoft Integration: GDAP, following the instructions in Creating a service account user for GDAP and Creating a new security group, before proceeding with the following steps.