Arctera™ Insight Management Console Help
- Getting started
- Archive Overview
- Working with Dashboard
- Managing Configurations
- Viewing provisioned services
- About Provisioning
- About Managed Tags
- About Account Management
- About the Account Details page
- Configuring the Manage Your Own Keys (MYOK) Feature
- Managing Archive Collectors
- About Exchange Online Archiving
- About Google Chat Archiving
- About Google Workspace Archiving
- About SCIM Archiving
- About Import Collector
- About Insight Capture Services Archiving
- About Microsoft Teams (Audio Video) Archiving
- About Audio-Video Archiving
- About Audio-Video Archiving using NTR-X Collectors
- About Dubber Speik SMS Archiving
- About Dubber Speik Recordings Archiving
- About Text-Delimited Archiving
- About XSLT-XML Archiving
- About JSON Archiving
- About iMessage Archiving
- About LinkedIn Archiving
- About Signal Archiving
- About Verint Archiving
- About WeChat Archiving
- About WhatsApp Archiving
- About Cloud9 Archiving
- About Verba Archiving
- About Copilot Archiving
- About Zoom Phone Archiving
- Managing Roles and Permissions
- Managing Policies
- Managing Authentication
- Managing Retention Policies
- Managing Email Continuity Services
- Managing Reports and Notifications
- Classification
- Managing Data Import
- AD FS Configuration Guide
Configuring SCIM archiving by using Azure Active Directory
Before configuring SCIM archiving, review the following points to ensure proper configuration.
The SCIM app pushes user and group objects along with any membership delta.
Only
can be provisioned.are not automatically flattened. Native recursion is not supported. Groups containing sub-groups require flat expansion.
. Azure AD enforces this sequence. If Insight Archiving rejects membership references, groups are created but members remain empty until users exist.
with object IDs in Azure AD can be provisioned and assigned as members in Insight Archiving.
are supported if they are in scope and active.
To configure SCIM archiving by using Azure Active Directory
- Ensure that your enterprise application is added to your Azure Active Directory tenant.
For more information, refer to Adding an application on Azure AD portal
- Sign in to the Microsoft Entra admin center as an Administrator.
- Browse to Entra ID > Enterprise Applications, and select your application.
- In the left navigation pane, select Provisioning.
- On the Provisioning page, expand the Mappings section.
- To provision the Users attribute mapping, perform the following steps:
Ensure that the Provision Azure Active Directory Users option is enabled. Click to select it.
On the Attribute Mapping page, the existing mapping properties are displayed. To add more mapping properties, click Add New Mappings. To edit existing properties, select the Show Advanced Options check box and click Edit attribute list for customappsso.
Refer the user attribute mappings below:
Note:
Create the SCIM schema in enterprise application. While creating the SCIM schema, you can set the attribute precedence of PrimaryEmailAddress and Username as 1 or 2, as required.
For example, if you set the attribute precedence of PrimaryEmailAddress as 1, then the attribute precedence of Username is consequently set as 2. If you set the attribute precedence of Username as 1, then the attribute precedence of PrimaryEmailAddress is consequently set as 2.
For more information, refer to Creating schema in enterprise application.
AD Attribute
Arctera SCIM Attributes
/ Matching Precedence
Arctera Insight Archiving Source attributes
Example data
User.Mail
emails[type eq "work"].value, IsPrimary=true
/ 1
PrimaryEmailAddress
jsmith@organization1.com
Append([extensionAttribute1]+ @organization1.com)
userName
/ 2
UserName
abc1abc@organization1.com
givenName
name.givenName
FirstName
John
Surname
name.familyName
LastName
Smith
displayName
displayName
DisplayName
John Smith
accountEnabled
active
IsArchive
TRUE
proxyAddresses
emails[type eq "work"].value,IsPrimary=false
EmailAliases
"smtp:user1@organization1.mail.onmicrosoft.com", "smtp:user1_alias@organization1.COM"
- To provision Groups, perform the following steps:
Ensure that the Provision Azure Active Directory Groups option is enabled. Click to select it.
On the Attribute Mapping page, the existing mapping properties are displayed. To add more mapping properties, click Add New Mappings. To edit existing properties, select the Show Advanced Options check box and click Edit attribute list for customappsso.
Refer the group attribute mappings below:
Note:
Use DisplayName as Primary Mapping attribute.
Group Attribute
App Attribute Name
Is Custom Attribute
displayName
displayName
No
objectId
externalId
No
members
members
No
description
urn:ietf:params:scim:schemas:extension:veritas:2.0:Group:description
Yes
Mail
urn:ietf:params:scim:schemas:extension:veritas:2.0:Group:mail
Yes
securityEnabled
urn:ietf:params:scim:schemas:extension:veritas:2.0:Group:securityEnabled
Yes
mailEnabled
urn:ietf:params:scim:schemas:extension:veritas:2.0:Group:mailEnabled
Yes
- After all of the required mappings are configured, select Save.
- After successful configuration, generate a token from Management Console.
- Click Generate .
- Copy the generated token, and click OK.
- Click Save.
- Enter the copied token in the Secret field in the Azure enterprise application.
- Click Test connection to complete the configuration.
If the testing is successful, configuration is considered as complete. If the testing is unsuccessful, contact the support team.