UserLock SSO Assistant
Launch the tool
Launch the application located in C:\Program Files (x86)\ISDecisionsUserLockUserLockSSO\ToolsUserLockSsoAssistant.
The tool requires the MSOnline Powershell module. If it is not installed, the tool will attempt to install it. When prompted, please consent and proceed with the installation to continue configuring Microsoft 365 SSO.
Troubleshoot issues related to UserLock SSO
To launch the diagnostic tool select "Troubleshoot issues related to UserLock SSO" and click on "Configure".
If a problem appears in the analysis report, you can try to solve it by clicking on "Fix". If the problem is not resolved, please contact support with a screenshot of the analysis results.
Warning! Clicking on "Clean" will reset the configuration but it will also disable the functionality completely.
Configure Microsoft 365 single sign-on with the IS Decisions UserLock SSO Assistant tool
1. Federate your Azure domains
Select "Federate an Azure Active Directory domain with UserLock SSO" click on "Configure".
Enter your Microsoft credentials. If your account is federated or if you have enabled Azure AD multi-factor authentication, a Microsoft pop-up will open to confirm your credentials.
Choose your domain (sub-domains are federated together with their main domain) and click on federate.
2. Synchronize your users
This feature allows you to synchronize your Active Directory and Azure Active Directory users without using Azure AD Connect. If you are using Azure AD Connect, you do not need to perform this operation.
On the home page, choose "Synchronize Active Directory and Azure Active Directory (now Microsoft Entra ID) users".
Select the OU of your users to synchronize and the Azure AD domain to synchronize to
Here you can see the list of users that can be synchronized or unsynchronized.
You can choose to synchronize a user with a new profile (Create a new Microsoft 365 user) or with an existing Microsoft profile (Synchronize with an existing Microsoft 365 user).