G2 Fall report names PaperCut #1 in Print

Choose your language

Choose your login

Contact us

Help Center menu

PRODUCT MANUALS

PaperCut NG & PaperCut MF Manual

PRODUCTS FEATURED

Synchronize user and group details with standard Azure AD

To synchronize with a standard Azure AD tenant, you need to create a new application in your Azure Tenant. 

Requirements

Step 1. Create your Azure application

  1. Log in to Azure as an application administrator.

  2. In the Search bar, search for and select Azure Active Directory.

  3. In the navigation pane, under Manage, select App Registrations.

  4. Click New registration.

  5. Fill in the basic information for your application.

    • Set Name as something you can easily identify, for example, PaperCut Azure Sync.

    • Set the supported account type to Accounts in this organizational directory only.

  6. Click Register.

Step 2. Give your application permissions to read users and groups

  1. In the navigation pane, under Manage, select API Permissions and click Add a permission.

  2. In the right pane, select Microsoft Graph, and click Delegated permissions.

  3. Use the search bar to locate and add the following permissions:

    • profile

    • User.Read

  4. Click Application permissions.

  5. Use the search bar to locate and add the following permissions:

    • Directory.Read.All

    • Group.Read.All

    • GroupMember.Read.All

    • User.Read.All

  6. Under Configured Permissions, click Grant admin consent, and then click Yes to confirm.

Step 3. Configure your application’s authentication

  1. In the navigation pane, under Manage, select Authentication.

  2. Under Platform configurations, click Add a platform.

  3. In the right side pane, select Web.

  4. Fill in the platform configuration with the following values:

    • Redirect URIs: set to ://type-our-own-papercut-server-address-here/api/oauth2callback.

      For example: https://papercut.school.com:9192/api/oauth2callback

    • Leave the front-channel logout URL blank.

    • Under Implicit grant and hybrid flows, select ID Tokens.

  5. Click Configure.

Step 4. Generate an application client secret value

  1. In the navigation pane, under Manage, select Certificates & secrets.

  2. Under Client Secrets, click New client secret.

  3. Complete the following fields:

    • Description: set to something memorable, for example, “PaperCut Sync Secret”.

    • Expires: Choose an appropriate expiry date.

  4. Click Add.

  5. Copy the client secret value for later use.

Step 5. Configure PaperCut

  1. Log in to the PaperCut Admin web interface.

  2. Select Options > User/Group Sync.

    The User/Group Sync page is displayed.

  3. In the Sync Source area, in Primary sync source, select Azure AD.

  4. Fill in the following fields:

    • Tenant ID: The ID of your tenant, as listed in Azure Active Directory.

    • App ID: The ID of the application you registered as part of this setup.

    • Client Secret: The client secret value that you created in Step 4 above.

  5. If you want to sync the Primary card number in PaperCut from the employeeID field in Azure:

    1. From the Actions menu, click Config editor (advanced) to open the Config Editor.

    2. Search for user-source.update-user-details-card-id.

    3. Change the value from N to Y and click Update.

  6. Click Apply.

  7. If you want your users to be able to log in to the Admin and User web interfaces using the Sign in with Microsoft button:

    1. Return to Options > User/Group Sync.

    2. Scroll down the page to find Single Sign on with Microsoft and select the checkbox to enable it.

    3. Fill in the fields with the same information as above.

    4. Click Apply at the bottom of the page.

Comments