Purpose of these notes
This is to switch existing KeyACCIDENT user management from the in-built KtsUSERS to Microsoft Azure User Authentication.
Azure Enterprise permissions
To manage users within the KeyACCIDENT Azure Enterprise application, you need to be either:
- A domain administrator, or
- A user with a custom 'update' role
Full domain administration is not required from a KeyACCIDENT perspective, so we recommend creating a custom role.
See: Create custom roles to manage enterprise apps in Azure Active Directory
Switch KeyACCIDENT to Microsoft Azure User Authentication
1. Open C:\Program Files\Common Files\Transoft Solutions\KTSDatabaseManager
2. Open the latest KTSDatabaseManager folder
3. Open the net48 folder
4. Right-click the KTS_SetupUtility.exe and Run as administrator
Alternatively, KeyACCIDENT v7.9 onwards allows this setup wizard to run without IT admin rights. It will then set up KeyACCIDENT per user rather than for every user on the device.
5. This opens the Product Setup Wizard
If not already showing, select your current KeyACCIDENT version and click Next
6. Select KeyACCIDENT and Microsoft Azure User Authentication, if not already selected, and click Next
7. Enter your server details, existing server admin details, existing database details and click Next
8. Select Enable Azure User Authentication and click Next
9. If you have not used the KeyACCIDENT Enterprise app before, this screen is displayed. It prompts for permission to add the KeyACCIDENT Enterprise app.
Click Accept to continue.
10. The Microsoft sign-in dialogue opens. Sign in using your usual company Windows login details.
- User name
- Next
- Password
- Sign in (may require MFA if enabled)
11. Now click Setup
12. Select Yes to complete the KeyACCIDENT setup
13. Setup is complete. Click Exit.
14. The Setup Configuration file is redundant for this process – click No
15. KeyACCIDENT will now authenticate users via MS Azure
The status bar of the Database screen now shows an email address after successful login with MS Azure User Authentication
16. Future logins by user
Just click on the user’s account (with 2FA if enabled)
17. If you now need to set up other devices to authenticate with Azure, simply copy the file AzureConfig.json from:
C:\ProgramData\Transoft Solutions\KTS Database Manager\Azure\KeyACCIDENT
Paste this file to the same location on the devices of other users needing to authenticate with Azure. This will automatically set up those clients for Azure authentication.