If you or your organization have enabled VNC Connect's Azure AD SSO, you will no longer be able to assign people and roles within the VNC Connect portal. Instead, all role assignment takes place in Azure AD. To discuss enabling Azure AD SSO for your subscription, please contact us.
Please note that membership and role changes made within Azure AD are not immediately reflected within VNC Connect, and will instead update as below:
- If a user is signed in, then the changes will be applied within an hour
- If a user is not signed in, then the changes will be applied when they next sign-in
Managers and Admins can use the VNC Connect portal to view the current members of the team, but cannot use it to add, remove or edit members. The list of members in the VNC Connect portal only includes those who have signed-in at least once.
Managing user and group assignments
- Navigate to the Azure AD portal, and sign in with an account that has appropriate permissions to assign users/groups to Enterprise applications
- Click Enterprise applications from the menu
- Click the VNC-Connect-SSO app from the list
- Click Assign users and groups in the Getting Started section, or Users and groups on the left menu
or 
Assigning new roles
- Click Add user/group at the top
- Select the users and/or groups you'd like to grant access to VNC Connect, by clicking None Selected and then selecting from the list that appears
Note, group assignment may require Azure AD Premium P1 or above
- Select the role that you would like to assign to the selected users/groups
Note, only 1 role can be selected. To assign a second role, e.g. Technician for On-Demand Assist, if included in your subscription, follow these steps again
- When you have completed your selections, click Assign
- The selected users and role assignments will appear in the list, and the users are able to sign in to VNC Connect!
Editing role assignments
- To edit an assigned role, select the user or group and click Edit
- Select the role that you would like to assign
- Click Assign and the selected user/group role will be updated
Removing role assignments
- To edit an assigned role, select the user or user group and click Remove
Linking Azure AD Security Groups to VNC Connect User Groups
VNC Connect's Azure AD SSO makes it possible to link Azure AD security groups to VNC Connect's user groups, allowing you to manage group membership (e.g. for computer discovery permissions) in Azure AD instead of the VNC Connect portal.
Once a group is linked, its members can no longer be viewed or edited in the VNC Connect Portal. Any users currently in the group are removed and replaced by users that are members of the Azure AD Security Group. Adding or removing members from the Azure AD Security Group will cause those users to be automatically added or removed from the VNC Connect group. These group changes made within Azure AD are not immediately reflected within VNC Connect, and will instead update as below:
- If a user is signed in, then the changes will be applied within an hour
- If a user is not signed in, then the changes will be applied when they next sign-in
When a group is unlinked, it retains any members it had when it was linked, but these members are no longer automatically updated from Azure AD and can now be edited within the VNC Connect Portal.
Linking a group
- Follow the steps for Assigning new roles (above) to assign the Security group a role in VNC Connect
- Select the group from the list of Users and Groups in the VNC-Connect-SSO Enterprise app
- Copy the group's object ID
- Sign in to the VNC Connect Portal using an Azure AD SSO account that has been assigned as a Manager or Admin
- Click People, Groups
- Choose to either Create a new group, or edit an existing user group using the 3 dots button next to the group
- If creating a new group, enter the name of the group. For new and existing groups, select Link to an organization group and enter the Azure AD group's object ID. Click Save
or 
- The group will be synced with Azure AD and ready to use in VNC Connect.
Comments
Please sign in to leave a comment.