I've created a howto where all the steps are explained in detail:
-
-
-
We have users in Azure AD and while we tried to sign using SSO asking to create user in Zabbix.
How to synch the users between Azure AD and Zabbix?
Comment
-
Probably over API.
Automatic user creation is mentioned in roadmap for v6.4
JIT user provisioning In design
Support automatic user creation after successful AD, LDAP, or SAML authentication. It will allow remote management of users and their permissionsComment
-
How to get roadmap v6.4? When i click on Download it shows v6.2 only.
Please share the reference link.
https://www.zabbix.com/roadmapComment
-
Hope this helps someone else, we previously configured Apache to use Kerberos authentication from domain joined workstations and had our users defined as the Active Directory SamAccountName (eg davidh):
We subsequently configured SAML in the Azure AD Enterprise Application registration to add an additional claim called 'username' where we then use the SamAccountName field from the account sync'd to Azure AD from our on-premises AD:
Zabbix SAML integration was configured to use the custom claim field 'username':
Lastly download the Azure AD application certificate and store it as 'idp.crt' whilst creating a certificate for Zabbix:
Created 'sp.crt' and 'sp.key' with the following command:
openssl req -x509 -newkey rsa:4096 -keyout /usr/share/zabbix/conf/certs/sp.key -out /usr/share/zabbix/conf/certs/sp.crt -sha256 -days 1825 -nodesComment
-
I Have tried the steps mentioned in the post to do the setup but it's not working . Getting error-- Invalid array settings: idp_cert_or_fingerprint_not_found_and_required
Comment
Comment