See Quickpass In Action
Prerequisites
- Ensure that you are on the IT Glue Enterprise plan which allows you access to the IT Glue API.
- Important - IT Glue Password Vault: Passwords from IT Glue that are added to the IT Glue host proof Vault are not supported. In this case neither IT Glue or Quickpass will have the ability to read and/or update the password for any matched accounts.
Enable IT Glue Integration
1. As an IT Glue Administrator, log in to IT Glue and navigate to Account > Settings.
2. In the Custom API Keys section, click + to create a new custom API.
3. Type in a name for the API Key such as Quickpass-Integration, click the Password Access checkbox, and then click the Generate API Key button.
4. Copy the newly generated API key.
5. Log in to the Quickpass admin website at https://admin.getquickpass.com using your Quickpass Administrator account.
6. Click Integrations in the left-hand menu.
7. In the Integrations page, click the IT Glue logo. You will be prompted to enter the API key you created earlier in IT Glue. Paste in the API key and select a Cloud Zone based on the location your IT Glue account is located in (either US Cloud (United States) or EU Cloud (European Union).
8. Click Connect to complete the process.
After the API for IT Glue is connected to Quickpass, you can begin to either import IT Glue organizations to create new Quickpass customers or match existing Quickpass customers with IT Glue organizations.
IT Glue Integration Options
- If you have never used Quickpass and have no pre-existing Quickpass customers, proceed to Option 1 – Import IT Glue Organizations as New Quickpass Customers.
- If you have preexisting Quickpass customers, proceed to Option 2 - Matching IT Glue Organizations to Existing Quickpass Customers.
Option 1 - Import IT Glue Organizations as New Quickpass Customers
Part A – Importing IT Glue Organizations
1. In Quickpass, click Integrations in the left-hand menu.
2. Click the IT Glue logo and then + Import Customers in the top-right corner.
3. In the Import Customers page, click to select all the IT Glue organizations that you would like to import. Then, click Add in the top-left corner to complete the action.
Note: The search box for IT Glue only supports exact match searching due to IT Glue's API limitation.
5. Once the organizations are imported, they will appear on the Quickpass Customers page.
You can view the status of linked IT Glue Organizations with Quickpass Customers, navigate to Integrations > Select IT Glue.
Note: After a new Quickpass customer has been created you have the choice of using the Customer with Active Directory, Office 365 or both.
Active Directory
If you want to use the Quickpass customer with Active Directory click the Connect Agent option on the right hand menu for that customer.
This will activate the Quickpass customer to work with the Active Directory agent. You can see the agent installation instructions here.
Office 365
If you want to use the Quickpass customer with Office 365 click the Connect O365 option on the right hand menu for that customer followed by logging into your Office 365 tenant using your global admin account at the Microsoft OAuth prompt that will pop up.
You can follow the instructions on how to connect the Office 365 tenant here.
Hybrid Environments
For hybrid environments of on-premise Active Directory and Office 365 you have a couple of options.
With Microsoft Azure AD Connect
- Download and install the Quickpass Active Directory server agent.
- Azure AD Connect will look after synchronizing passwords between Active Directory and Office 365
- Quickpass will improve Azure AD Connect response time by running the delta password update PowerShell script after every password reset detected in Active Directory to avoid the 15 mins delay.
- Connect the Office 365 tenant to the Quickpass customer if you have Office 365 cloud only privileged accounts such as a Global Admin that you wish to rotate their passwords.
- When importing end-user accounts for the first time select the Password Sync: OFF option so that Quickpass will not sync passwords between Active Directory and Office 365.
- Do not import accounts from Office 365 whose passwords are syncing from Active Directory via Azure AD Connect.
Without Microsoft Azure AD Connect
- Download and install the Quickpass Active Directory server agent.
- Connect the Office 365 tenant to the Quickpass customer
- Active Directory / Office 365 Password Sync: When importing End-User Accounts for the first time select the Password Sync: ON option.
- If you do not wish to sync end-user account passwords between Active Directory and Office 365 select Password Sync: OFF option when first importing End-User Accounts.
Part B - Downloading and Installing the Server Agent on the Active Directory Server
1. Refer to this KB Article https://support.getquickpass.com/hc/en-us/articles/360035206994-How-to-install-the-Server-Agent-Manual-and-Silent
2. Then return to this article and proceed to the section titled Import Accounts from Active Directory, Office 365 or both to Quickpass.
Part C - Setting up Office 365
1. If you wish to setup Office 365 follow this KB article https://support.getquickpass.com/hc/en-us/articles/360039678373-How-to-Connect-a-Azure-Office-365-tenant-to-Quickpass-Customer
Option 2 - Matching IT Glue Organizations to Existing Quickpass Customers
1. Click Integrations in the left-hand menu and then click the IT Glue logo in the Integrations page.
2. Click the MATCH CUSTOMERS button on the top-right of the screen.
Note: The search box for IT Glue only supports exact match searching due to IT Glue's API limitation.
3. Drag the IT Glue organizations from the left-hand side over to the corresponding Quickpass Customer on the right-hand side. The organization will turn green in the IT Glue Customer column.
4. When done click the Back to IT Glue Customers link in the top left of the screen.
You will now see the linked IT Glue organizations with Quickpass Customers on the Customers page.
Import Accounts from Active Directory, Office 365 or both to Quickpass
1. Select the Customer you wish to import accounts from in the Customers screen.
2. Click the Accounts menu of the account type you wish to match to IT Glue on the left-hand menu.
3. Click + IMPORT ACCOUNTS in the top-right corner.
4. If you have both Active Directory and Office 365 connected to the same Quickpass customer you will see an option to import Active Directory or Office 365 accounts. Select the appropriate directory source you wish to import accounts from.
5. Select the Organizational Unit (OU) where your admin user(s) are located in Active Directory.
Note: Only OU's with user objects will appear on this screen.
***If importing from Office 365 skip this step***
6. Select the Accounts from Active Directory that you want to import into Quickpass.
Note: The search box for IT Glue only supports exact match searching due to IT Glue's API limitation.
7. Click Add in the top-left corner to import the users. Those accounts will now be imported as Administrator Accounts.
8. Now that the Active Directory accounts have been imported into Quickpass, you can link them to IT Glue password entries.
9. Click the MATCH ACCOUNTS button in the Admin Users screen.
10. In the Match Administrator Accounts screen you have three options to match a Quickpass account to an IT Glue password entry.
Manually Match
Drag the IT Glue password entry on the left-hand side to the corresponding Quickpass Account on the right-hand side. The entry will turn green in the IT Glue Password Entry column.
Click the check box to the right of the account then click the Add button at the top to confirm the match
Important - IT Glue Password Vault: Passwords from IT Glue that are added to the IT Glue host proof Vault are not supported. In this case neither IT Glue or Quickpass will have the ability to read and/or update the password for any matched accounts.
Note: The search box for IT Glue only supports exact match searching due to IT Glue's API limitation.
Auto Match
Click the AUTOMATCH button at the top of the Match Administrator Accounts window.
Quickpass will look for IT Glue password entries that satisfy the following criteria
Active Directory Accounts and Matched AD / O365 Accounts
- Username = samAccountName (Ie. Username = jsmith)
- Username = userPrinpalName (Ie. Username = jsmith@quickpass.local)
- Username = domain\samAccountName (Ie. Username = quickpass\jsmith)
Office 365 Accounts
- Username = userPrincipalName (Ie. Username = jsmith@quickpass.com)
If Quickpass finds suitable matches it will list the results and allow you to select all and click the ADD button to complete the process. If no matches are found you will see a message on screen showing No Matches Found.
Important - IT Glue Password Vault: Passwords from IT Glue that are added to the IT Glue host proof Vault are not supported. In this case neither IT Glue or Quickpass will have the ability to read and/or update the password for any matched accounts.
Create IT Glue Password Entry
If the IT Glue password entry does not currently exist you have the option for Quickpass to automatically create the password entries for you. To do this click the check boxes to the right of the Quickpass Accounts listed in the table or clicking the All button to select all. Then click the ADD button when done.
Important - IT Glue Password Vault: Passwords from IT Glue that are added to the IT Glue host proof Vault are not supported. In this case neither IT Glue or Quickpass will have the ability to read and/or update the password for any matched accounts.
11. Back in the Accounts screen you will notice the IT Glue icon under the Integration column showing that the account is connected to an IT Glue password entry.
Manually Resetting IT Glue Matched Account Passwords in Quickpass
1. Select the desired customer you wish to reset the account password for.
2. Click the Accounts menu where the account you want to reset is located on the left-hand side.
3. On the Account that you wish to change the password for, click the vertical ellipsis (…) and click Reset Password.
4. Type the newly password in the Reset Password window then click RESET.
A confirmation message will appear confirming that the password was successfully reset. In the event the password did not meet the password requirements, you will receive an error message and will have to try again using another password.
After the password is reset in Quickpass, this will reset the account password in Active Directory, Office 365 or both depending on your setup. Once a password change has been synced over to IT Glue through the integration, a revision history item is added within IT Glue.
Next Steps
See Quickpass In Action
Setup Scheduled Password Rotation of Administrator Accounts with IT Glue
Setup Scheduled Password Rotation of Service Accounts with IT Glue
Rotate Administrator Account Passwords On-Demand
Reset Passwords from IT Glue
Comments
0 comments
Please sign in to leave a comment.