Adding a One Drive for Business or an Office 365 shared space
All end users will be registered in the Active Directory and must own a Microsoft Office 365 account.
When you sign up for an Office 365 subscription, it will include at least access to the free Azure Active Directory (Azure AD) product range, which allows managing the identities of your users, and registering and/or declaring Azure AD applications. Therefore, ensure that your Office 365 has been correctly integrated into Azure AD.
To share protected files in OneDrive for Business and Office 365 shared spaces, you must register an SDS for C&M application in Microsoft Azure AD. There are two ways to do so:
- Use the Stormshield Azure application, in which case configuration will be automatic.
- Use your own Azure application, in which case you must have configured the Stormshield application in Azure AD beforehand. For more information, refer to the section Declaring the application in Microsoft Azure AD.
Creating a One Drive for Business or an Office 365 shared space
- In the server's administration interface, select the Shared spaces menu on the left.
- Click on New at the top right of the panel.
- Enter the name you wish to give to your shared space and select its type.
- Follow the steps in the configuration by filling in the fields.
- The Tenant ID is the identifier of the Office 365 tenant. Retrieve this identifier from the Azure AD administration center in the tenant's properties. You can also specify the domain name in this field, for example *onmicrosoft.com.
- The URI is the address of the Office 365 resource (website or subsite). This field is not required for OneDrive for Business shared spaces.
- The Endpoint is the connection URL to the Microsoft Office 365 authentication API. It must be in the form of https://login.microsoftonline.com/common/OAuth2.
- Click on Next then choose whether you wish to use the Stormshield Azure application or configure your own. For more information, refer to the Requirements
- If you are using your own SDS for C&M application, fill in the following fields:
- The Application ID is the identifier of the Azure AD application. To find out how to obtain this number, refer to the section Declaring the application in Microsoft Azure AD.
- The Redirection URI is the URL called up after the user has logged in. It corresponds to the address entered during the configuration of the application in Azure AD (HTTPS is not supported). Refer to the section Declaring the application in Microsoft Azure AD.
- Click on Create a new shared space.
After you have finished creating a shared space, you will be able to modify information and settings at any moment by selecting it from the list of shared spaces.
- If you are using your own application on Azure AD, ask the global Office 365 administrator to enable it in Azure. This step is essential as it would allow you to share protected files. For more information, refer to the section Enabling Stormshield's SDS for C&M Azure AD application.