Setting up modusGate to authenticate with O365 via Azure

Created by Yves Lacombe, Modified on Fri, 13 Oct, 2023 at 11:41 AM by Yves Lacombe

1) Log in to your O365 portal under Azure AD


2) Go to App Registrations and click on [ + New Registration ]


 

3) Put in a Name, select "Accounts in the organizational directory only" and click "Register"



4) Copy and paste the application ID into Notepad; you'll need it later.



5) Click on API Permissions and click on Add a permission



6) Select Microsoft Graph API at the top of the API selection screen.



7) Select Application Permissions




8) Under Directory -> select Directory.Read.All; under Group -> select Group.Read.All; then click Add Permissions




9) Click on Grant admin consent for <your company>





10) Under Certificates & Secrets, give the client secret a name, select "never" as the expiry and click "New client secret"




11) Copy and paste the new secret into Notepad. Please note the secret value will disappear after you save it and cannot be viewed again.




12) Go to the Authentication section and click Add Platform.





13) Click "Web" under Configure Platforms.



14) Once in the Web platform, configure the settings under Configure Web. Once you have clicked the Configure button, it will take you back to the initial screen.




15) Finally, in modusGate ...


Put the application ID you noted down in step #4 into both the Native App ID and the Web App ID fields, and put the key you got in step #11 into the Web App Key field. Save. Stop & start the SMTPRS & SMTPDS services.




16) At this point, if you send an email via telnet to port 25 to a user in Azure AD, the user should populate in modusGate.
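Before relying on the telnet test, it helps to confirm directly that the registration from steps 4, 8, 9 and 11 can obtain an app-only Graph token and that both permissions were actually consented. The script below is an added example, not part of the original article or of modusGate; it assumes the client-credentials flow against the v2.0 token endpoint, and the tenant name and application ID are placeholders you replace with your own values.

```powershell
# Added example (not from the original article): verify the Azure app registration
# used by modusGate. Replace the placeholders with the tenant name and the
# application ID noted in step 4; the client secret from step 11 is prompted for.
param(
    [string]$TenantName = 'something.onmicrosoft.com',                # placeholder
    [string]$ClientId   = '00000000-0000-0000-0000-000000000000'     # placeholder
)

# Read the secret without echoing it to the console or leaving it in history.
$secure       = Read-Host -Prompt 'Client secret from step 11' -AsSecureString
$clientSecret = [System.Net.NetworkCredential]::new('', $secure).Password

# Client-credentials request for an app-only token scoped to Microsoft Graph.
$token = Invoke-RestMethod -Method Post `
    -Uri "https://login.microsoftonline.com/$TenantName/oauth2/v2.0/token" `
    -ContentType 'application/x-www-form-urlencoded' `
    -Body @{
        grant_type    = 'client_credentials'
        client_id     = $ClientId
        client_secret = $clientSecret
        scope         = 'https://graph.microsoft.com/.default'
    }

# App-only tokens list granted application permissions in the "roles" claim.
# Decode the JWT payload (base64url) and check the two permissions from step 8.
$payload = $token.access_token.Split('.')[1].Replace('-', '+').Replace('_', '/')
switch ($payload.Length % 4) { 2 { $payload += '==' } 3 { $payload += '=' } }
$claims = [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($payload)) |
    ConvertFrom-Json
$roles = @($claims.roles)
foreach ($required in 'Directory.Read.All', 'Group.Read.All') {
    if ($roles -contains $required) { "OK      $required is granted" }
    else { "MISSING $required - re-check steps 8 and 9 (admin consent)" }
}

# Prove the token works end to end: read one user and one group, which is the
# same kind of lookup modusGate performs when it populates users.
$headers = @{ Authorization = "Bearer $($token.access_token)" }
$user  = Invoke-RestMethod -Uri 'https://graph.microsoft.com/v1.0/users?$top=1'  -Headers $headers
$group = Invoke-RestMethod -Uri 'https://graph.microsoft.com/v1.0/groups?$top=1' -Headers $headers
"Sample user : $($user.value[0].userPrincipalName)"
"Sample group: $($group.value[0].displayName)"
```

If the token request itself fails with an invalid_client error, the secret from step 11 was copied incorrectly or has expired; if the roles are missing, admin consent in step 9 has not been applied.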



IMPORTANT NOTE FOR 2FA:


If you enabled two-factor authentication on your O365 tenant, you need to tell modusGate to bypass it so that users can log in to the WebQuarantine. To do this, you need to set a registry key for the given route you're setting up:


Open regedit

Go to HKLM > Software > WOW6432Node > Vircom > VOPMAIL > RelayAuthServer

Hit Ctrl-F to search for the route you set up via the console, using the tenant name (usually something.onmicrosoft.com)

Add a new DWORD value called "AzureBypass2FactorAuth" and set it to a value of 1 under that key.


Stop and start SMTPDS & SMTPRS

Do an IISRESET on the box