Problem: You receive emails from your Azure Tenant that your "Azure App Registration secret is going to expire!"
Resolution:
After you have followed this step Appendix D: Configuring Microsoft Entra ID for Use with Security Group-Based Filters the Client secret that has been configured will have an expiration date. Here are the steps you need to take to update the current Microsoft EntraID App Registration and provide the newly created Client Secret within the Liquidware Profile Unity Management Console.
- Create a new secret via the Azure Portal for your current App Registration.
- Go to Certificates & secrets
- Select New client Secret
- Fill in a Description and set an Expires date (Microsoft Recommends 180 Days)
- Click Add and copy the Value (Not the Secret ID). Make sure to store this information in a secure place. This information is not readable anymore for reference (If not saved you need to create a new Client Secret – Step B)
- Now it is time to update the new client Secret information within the Liquidware Profile Unity Management backend.
- Log in to the backend and choose Administration – Access and Authentication.
- Select the Edit Button for the item you want to update. Leave everything the same except the Client Secret Value. Add the newly created value and click Save.
- Then Click Update in the right top corner and you are done.
3. We will now test if the secret is working by using the Filter Management Node and choosing the EntraID Condition to see if it returns any values from Microsoft Entra.
Open Filter Management
- Click Create
- Choose the Entra ID User Group Membership from the Condition field
- Select the Value which is your EntraID entry within the Administration Section we just updated.
- Go into the search field and type 3 characters of a group which actually exists in that Microsoft EntraID tenant. It should return at least 2 values in the drop down.
NOTE: Since only the client secret is changed, the Groups that are currently configured within the Filters will not need to be updated.