RCH Configuration

MS Azure Subscription
    Had to send support ticket to Microsoft to unlock the new subscription form
    Create new Azure subscription in MS Azure

EntraID Domain Services
    Create a new domain service (Takes about 1-2 hours)
        Name the DS
        Choose region for the DS
        Create MTM Resource group
        Assign Azure subscription to the DS
        Select tier subscription level (Standard)

mtm.bio (DS)
    LDAP Configuration
        Enabled secure LDAP
        Enabled secure LDAP access over the internet
        Uploaded a certificate (PFX File)
        Entered password for the certificate

MTM_Resource_Group
    Network Security Group (aadds-nsg-01)
        Create an inbound security rule
            Source: IP Address
            Source IP Addresses: 13.42.46.84/32,173.54.203.67/32
            Destination Port Ranges: 636
            Protocol: TCP
            Description: Allow AWS EC2 LDAP

Entra -> DS -> [GR] -> AWS -> Linux

SAML Configuration:
    EntraID: https://turbot.com/guardrails/docs/guides/configuring-guardrails/directories/azure-ad
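
An added example, not part of the original notes: a Python check that flags any inbound NSG rule exposing secure LDAP (TCP 636) to sources outside the two addresses in the inbound security rule above. The rule field names are assumed to follow the JSON printed by `az network nsg rule list`, and the sample rules, including the names AllowAwsEc2Ldap and TempLdapsTest, are constructed.

```python
import ipaddress

# Allow-list and port copied from the inbound security rule in the notes.
ALLOWED_SOURCES = ["13.42.46.84/32", "173.54.203.67/32"]
LDAPS_PORT = 636
WILDCARDS = {"*", "any", "internet", "0.0.0.0/0", "::/0"}

def _covers(spec, port):
    """True if an NSG port spec ('636', '600-700' or '*') includes port."""
    low, _, high = spec.strip().partition("-")
    return low == "*" or int(low) <= port <= int(high or low)

def _values(rule, single, plural):
    """Merge the singular and plural forms of an NSG rule field."""
    return list(rule.get(plural) or []) + ([rule[single]] if rule.get(single) else [])

def audit_ldaps_rules(rules, allowed=ALLOWED_SOURCES, port=LDAPS_PORT):
    """Return (rule name, source, reason) for each over-broad LDAPS source."""
    nets = [ipaddress.ip_network(a) for a in allowed]
    findings = []
    for rule in rules:
        if (rule.get("direction"), rule.get("access")) != ("Inbound", "Allow"):
            continue
        if str(rule.get("protocol", "")).lower() not in ("tcp", "*"):
            continue
        ports = _values(rule, "destinationPortRange", "destinationPortRanges")
        if not any(_covers(p, port) for p in ports):
            continue
        for src in _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes"):
            if src.lower() in WILDCARDS:
                findings.append((rule["name"], src, "open to any source"))
                continue
            try:
                net = ipaddress.ip_network(src, strict=False)
            except ValueError:  # service tags such as "VirtualNetwork"
                findings.append((rule["name"], src, "not a CIDR, review by hand"))
                continue
            if not any(net.version == a.version and net.subnet_of(a) for a in nets):
                findings.append((rule["name"], src, "outside allow-list"))
    return findings

# Constructed sample rules (field names assumed from `az network nsg rule list`).
SAMPLE_RULES = [
    {"name": "AllowAwsEc2Ldap", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
     "sourceAddressPrefixes": ["13.42.46.84/32", "173.54.203.67/32"], "destinationPortRange": "636"},
    {"name": "TempLdapsTest", "direction": "Inbound", "access": "Allow", "protocol": "*",
     "sourceAddressPrefix": "*", "destinationPortRanges": ["389-636"]},
]
```

Calling `audit_ldaps_rules(SAMPLE_RULES)` reports only the constructed TempLdapsTest rule; the rule matching the notes passes.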