We are extensively using services in the Azure cloud, but our on-premises Active Directory is not yet fully migrated. Currently, synchronization of the on-premises AD only occurs in one direction, from Entra to on-premises AD. However, operations in the reverse direction, such as creating users in Entra ID, work but are not synchronized to the on-premises AD.
Currently, we are faced with the challenge of using a web application to create users. The workflow is intended to be as follows:
1. The backend receives a list of users from the HR system.
2. The backend verifies the list.
3. If there are users in the list that do not exist yet, they should be created.
In step 3, we encounter the issue that we cannot use the Graph API. I've seen that there are runbooks, but I'm not entirely sure how they can help me achieve this goal. As I understand it, I would create a runbook that I trigger with a webhook.
In the webhook's body, I would include the user data that needs to be created. However, at the moment I'm unsure how the runbook would then connect to the on-premises AD and proceed to create the users.
I would appreciate your assistance and suggestions on how to efficiently and resource-effectively implement this integration. Thank you in advance!
I have devised a solution.
First, I created an Automation account and a runbook for creating Active Directory users, along with a webhook to receive the user data. Then I configured a Hybrid Runbook Worker group and joined the virtual machine to the local Active Directory.
In the runbook and webhook configuration, I selected the hybrid worker group (consisting of the single VM) and sent several POST requests using Insomnia.
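As an added example of what such a runbook can look like (this is not the answerer's runbook), the following PowerShell runbook accepts a JSON array of users from the webhook body and creates each one with `New-ADUser` on the hybrid worker. Assumptions: the hybrid worker is domain-joined and has the RSAT `ActiveDirectory` module installed; the webhook caller sends a shared secret in a custom `x-hr-token` header that is compared against an Automation variable named `HrWebhookToken` (header name and variable name are assumptions); the JSON field names `samAccountName`, `givenName` and `surname`, the OU path and the UPN suffix are placeholders to adjust to your directory.

```powershell
# Example Azure Automation runbook: create on-premises AD users from a webhook payload.
# Added example, not the original poster's code. Assumes a domain-joined Hybrid Runbook
# Worker with the RSAT ActiveDirectory module. Field names, OU and UPN suffix are assumptions.
param(
    [Parameter(Mandatory = $false)]
    [object] $WebhookData
)

Import-Module ActiveDirectory -ErrorAction Stop

if (-not $WebhookData) {
    throw "This runbook must be started from its webhook; no WebhookData was received."
}
# When started by hand from the portal the parameter may arrive as a JSON string.
if ($WebhookData -is [string]) { $WebhookData = $WebhookData | ConvertFrom-Json }

# The webhook URL itself is the only thing Azure checks, so anyone who obtains it could
# create accounts. Require an additional shared secret carried in a request header
# (header and variable names are assumptions for this example).
$expectedToken = Get-AutomationVariable -Name 'HrWebhookToken'
$presentedToken = $WebhookData.RequestHeader['x-hr-token']
if ([string]::IsNullOrEmpty($presentedToken) -or $presentedToken -ne $expectedToken) {
    throw "Rejected request: missing or invalid x-hr-token header."
}

# Azure Automation passes the webhook body as $WebhookData.RequestBody (a string).
$users = $WebhookData.RequestBody | ConvertFrom-Json
if ($users -isnot [System.Array]) { $users = @($users) }

$targetOu  = 'OU=Staff,DC=corp,DC=example'   # assumption: adjust to your directory
$upnSuffix = 'corp.example'                   # assumption

# Each record is processed independently so one bad entry does not abort the batch.
foreach ($u in $users) {
    try {
        foreach ($required in 'samAccountName', 'givenName', 'surname') {
            if ([string]::IsNullOrWhiteSpace($u.$required)) {
                throw "missing required field '$required'"
            }
        }
        # Restrict sAMAccountName to a safe character set (and the 20-character limit)
        # before it is interpolated into the AD filter below.
        if ($u.samAccountName -notmatch '^[A-Za-z0-9._-]{1,20}$') {
            throw "invalid samAccountName '$($u.samAccountName)'"
        }

        if (Get-ADUser -Filter "SamAccountName -eq '$($u.samAccountName)'") {
            Write-Output "skip: $($u.samAccountName) already exists"
            continue
        }

        # Never take a password from the HR feed: generate a random one-time password
        # and force a change at first logon.
        $bytes = New-Object byte[] 24
        [System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
        $initialPassword = ConvertTo-SecureString -String ([Convert]::ToBase64String($bytes)) -AsPlainText -Force

        New-ADUser -SamAccountName $u.samAccountName `
                   -UserPrincipalName "$($u.samAccountName)@$upnSuffix" `
                   -Name "$($u.givenName) $($u.surname)" `
                   -GivenName $u.givenName `
                   -Surname $u.surname `
                   -Path $targetOu `
                   -AccountPassword $initialPassword `
                   -ChangePasswordAtLogon $true `
                   -Enabled $true `
                   -ErrorAction Stop

        Write-Output "created: $($u.samAccountName)"
    }
    catch {
        # Per-record failures are reported in the job output, which doubles as the audit trail.
        Write-Error "failed: $($u.samAccountName): $($_.Exception.Message)"
    }
}
```

Two points to check before relying on this: the job on a Windows hybrid worker runs as the local System account by default, so either grant that computer account create-object rights on the target OU or configure Run As credentials for the hybrid worker group and pass them with `-Credential`; and treat the webhook URL as a secret (it is only shown once at creation and cannot be retrieved later), since the shared-secret header above is a second factor, not a replacement for it.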