Azure Log Analytics- Data Retention-1

Azure Log Analytics- Data Retention

Reading Time: 3 minutes

Log Analytics collects data from a variety of sources and uses a powerful query language to give you insights into the operation of your applications and resources.

Log Analytics cost depends on your choice of pricing tier, data retention and which solutions are used.

In this section lets see how we can increase and decrease the retention days for Log Analytics Workspace.

Steps for retention period.

Step 1: Log into Azure Portal

Step 2: Navigate to Log Analytics Workspace ( select your workspace)

Step 3: And under General>> Click Usage and estimated costs.

Step 4: Under usage and estimated cost select data retention.

Data retention by default is set as 30 days you can change according to your need.

Note: Retention for Application insight data types default to 90 days and will get the workspace retention if it is over 90 days.

Step 5: Click on Ok to save the changes

If you want to set the different retention per table, then follow the below steps.

Important elements to be considered when dealing with data retention

  • Changing the retention at workspace level will change the table retention any longer on the one previously modified
  • For this you will need to use some simple ARM commands.
  • To continue we need to know the resource id first to retrieve the Log analytics workspace resource id.
  • To get that id navigate to resource explorer
  • Under resource explorer
  • Select your subscription and then select resource group

Once you get the resource explorer click on subscription and then navigate all the resources till the one you want to operate on

Now that we have the workspace resourceid, you just need to add the table name and API information to run the necessary command.

By running the GET command throughARMClient, passing the resource id

ARMClient.exe get “/subscriptions/9df78e42-893b-4152-b04ff80674a99c67/resourceGroups/SmartAppsCOM-rg/

Now when we get the retention period we can set the retention according to our need by below ARM command

ARMClient.exe put “/subscriptions/9df78e42-893b-4152-b04f-f80674a99c67/
resourceGroups/SmartAppsCOM-rg/providers/Microsoft.OperationalInsights/workspaces/sa-production-loganalytics/tables/InsightsMetrics?api-version=2017-04-26-preview” “{‘properties’:{‘retentionInDays’:7}}”

But if you want to set it back. You can use null value. Use below command

ARMClient.exeput”/subscriptions/9df78e42-893b-4152-b04f-f80674a99c67/resourceGroups/SmartAppsCOM-rg/providers/Microsoft.OperationalInsights/workspaces/sa-production-loganalytics/Tables/InsightsMetrics?api-version=2017-04-26-preview” “{‘properties’:{‘retentionInDays’:null}}”

We are done with the retention period

Share on facebook
Share on twitter
Share on linkedin
Share on google
Share on whatsapp
Share on email
What Is Microsoft Azure Used For [2021]

What Is Microsoft Azure Used for [2021]

Reading Time: 2 minutes

Microsoft Azure is a powerful cloud computing platform launched in February 2010. Azure is an ideal solution for businesses and enterprises to extend capabilities, solve challenges, and build innovative solutions.

Currently, there are 42 data centers worldwide for Microsoft Azure.

Azure solutions comprise software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS) used for virtual computing, analytics, storage, and networking services.But the question most companies ask is, what is Microsoft azure used for? How does it work? How can it benefit them?

If you’re also seeking answers to such questions, you’ve come to the right place. We’ll answer all these questions and simplify ways it can maximize your businesses’ efficiency and benefits.

Microsoft Azure allows users to utilize Microsoft’s cloud services and resources to store and manage data. Additionally, It supports many programming languages, such as Java, C#, and Node Js.

What is Microsoft Azure Used for?

Companies and enterprises across the globe use Microsoft Azure for computing, networking, IoT, artificial intelligence, storage, integration, security, developer tools, DevOps, web services, and other machine learning.

Azure users can not just develop, test, and host web applications to keep them running without interruptions. They get a data storage facility, can create virtual machines, integrate virtual devices and directories, collect and save metrics,

Is Microsoft Azure Free?

The best thing about Microsoft Azure is that it’s free to start and utilizes a pay-per-use model. Simply put, users only pay for the required services.

Users get free access to multiple products— Linux Virtual Machines, Windows Virtual Machines, Managed Disks, Media Services-Encoding, Load Balancer, Blob storage, File Storage, SQL Database, VPN Gateway, Azure Database for PostgreSQL, and many more.

How Many Customers Does Azure Have?

More than 94% of Fortune 500 hundred companies employ Microsoft Azure to meet their cloud computing requirements. Microsoft Azure doesn’t reveal the number of current customers. But as per Microsoft’s 2020 Q2 report, Azure revenue growth is on the rise, and enterprise adoption was up 3% to 55% in a year.

Why Microsoft Azure?

Azure is the ultimate solution that offers advanced site recovery, unmatched flexibilities, and built-in integration to perform backup and disaster recovery seamlessly.

Azure users can host and build adaptive web and mobile apps to accelerate business operations, leverage Active Directory integration and IoT industry solutions. 

If you are also looking for a reliable and efficient cloud computing solution for your business, you can get a free trial and use Azure services.

Moreover, you can connect with our Microsoft Azure Cloud Consulting Services to know more about Microsoft Azure and plan Azure implementation for your business needs.

We create innovative and business-oriented Azure solutions for businesses and enterprises to help them optimize and streamline operations.

Share on facebook
Share on twitter
Share on linkedin
Share on telegram
Share on whatsapp
Share on email
shows Integrate Postman With Azure Devops

Integrate Postman With Azure Devops

Reading Time: 6 minutes

We would be going through the steps to automate the CICD pipeline, reporting and integrating Postman with Azure DevOps for Automation.

Postman Introduction:

Postman has better GUI and features. It’s a powerful tool when developing automated tests, it helps visualize details of each iteration and test results but does not allow the desktop or Mobile testing. 

Postman is a tool for API development. Postman’s features simplify each step of building an API and testing it. It offers the possibility to automate manual tests and integrate them into your CI/CD pipeline to ensure that any code changes won’t introduce regressions in Production.

Requests in Postman are organised in collections and folders. Postman contains a collection runner that is useful when you want to automate API testing. When you run a collection, you send all requests in your collection one after another.

Limitation of Postman:

Now postman is not given any option to associate postman test case to DevOps test case. occasional crashes linked to memory issues. To remediate those issues, we are going to use the CLI tool of Postman called Newman and a custom reporter that generates detailed reports. Read more about Newman here (

Prerequisites:- (If don’t have, So please follow below point to how to install this)

  • Installed Postman API tool
  • Node.js with the latest version (v12.16.3) below also working.
  • NPM it’s also built with node js if not so that you need to install the latest version (6.14.4).
  • Newman with the latest version (5.0.0).
  • Azure DevOps Service Account with the required permission.

Below points, we will cover step by step…

  1. How to install and run Newman on command prompt
  2. How to configure postman API tests to Azure DevOps or TFS using Newman?
  3. How to publish HTML Results in Azure DevOps or TFS?

Step 1: Install Node (You may skip this step if you already have Node installed)

Follow the steps to download Node which is specific to your CI’s platform. 

Step 2: Install Newman (You may skip this step if you already have Newman installed)

Newman is a command-line tool that allows you to run a collection in your local development environment or on your own server. The following command installs Newman.

npm install -g newman

Reporter installing command

npm install -g newman-reporter-htmlextra

Step 3: Export postman Tests Collection In your postman tool Test Collection (looks like a folder) on the Left Side you see 3 dots (Point 1) Click on that, from the menu choose to export (point 2), And saved file with .json on your local machine folder, And for the environment & Global variables also download with .json in the same folder (See snapshot)

Collection window export option
Management environments window
Export collection image

Step 4: Run Newman

Run the following Newman command with the appropriate parameters:

{Your folder path}newman run {Collection.json} -e globals.json –reporters cli,junit –reporter-junit-export Results\junitReport.xml


If you need to provide an environment to the collection, change the above command to the following:

{Your folder path}newman run {Collection.json} -e environment.json –reporters cli,junit –reporter-junit-export Results\junitReport.xml

Caommand prompt page

Before running the pipeline you have to push your collection files on repository

Now in this blog, we are going to push code on azure repository below option repos.

Dashboard image

After pushing the code, click on Pipeline >> New Pipeline

Pipeline section

Next, Choose to Use the classic editor

classic editor option page for pipeline

Choose your Repository & Continue

Select different source page

From the template Choose an empty job

Template selection page

Name your pipeline and Choose Agent

i.Ensure your Get Sources pointing to correct repository   
Click on the Get Sources modify the following   
Repository: Should be pointing to correct repository where your postman test collection is located
Default branch: Choose the correct branch (typically this will be master branch)   
Clean: Set the clean option to true (default is false, modify from the dropdown)  
Clean Options: Set clean option to Source

Azure repos git under select source

j. Modify Agent job 1 property 
Display Name: Any name which you like (ex: Postman API Automation)    
Agent pool: Choose the correct Agent pool from the drop-down

Agent job/ Run agent under azure API automation

Adding build tasks to Azure DevOps / TFS build pipeline

A. Add Command Line Steps to install Newman in your build agent
i. Click on + button in your agent panel (Refer Image)
ii. Search for task Command Line (Refer Image)
iii. Click on Add

Command line function under task

B. Configure Command Line task to install new man
Display name: Mention task name as Install Newman
Script: npm install -g Newman
Click on Advanced section and choose Working directory
Working Directory : $(System.DefaultWorkingDirectory)
Note: $(System.DefaultWorkingDirectory) is inbuilt Azure DevOps variable which will point to your source code (Know more about Azure DevOps Variable)

Install newmen function image

C. Add task to run Postman tests in Newman
i. Add one more command-line task as discussed above
ii. Modify newly added second command-line task
Display name: Newman-Postman
Script :Newman run {your Collection} -e environment.json –reporters cli,junit –reporter-junit-export Results\junitReport.xml
Working Directory: Choose Correct Directory where your tests are located in git repository and folder (You can optionally use the option “…” (3 dots right to this textbox manually search the folder)
Control Options: Continue on Error (Check the Checkbox)

Newmen- postmen functionality

Note: Few lines about Script, the command we entered in the script is to run the postman tests in Newman tool
If you are not using the environment variable simply use like below
newman run <your collection> –reporters cli,junit –reporter-junit-export Results\junitReport.xml
If you are using environment variable you need to mention the environment variable json file which you exported at the beginning use like below
newman run <yourcollection> -e <your_environmentfile> –reporters cli,junit –reporter-junit-export Results\junitReport.xml

What happens after the execution of this step?
1. Executes All the postman tests
2. Creates a directory called Results in the Working Folder which you mentioned in option
3. Creates junitReport.xml Results File inside the Results Folder
In the above command — reporters cli,junit — reporter-junit-export Results\junitReport.xml This line is responsible for generating results.
Results are folder name and junitReport.xml is the file name (Optionally you can modify it to any name).
— reporters cli,junit With this line we are specifying output as junit and command line interface both. because we want to see the result in both command line and html format.

3. How to publish HTML Results in Azure DevOps or TFS?
Add a task to Publish the Result

Click on The + button on the Agent panel
Search for the Task Publish Test Results and Click on ADD

publish test result option page

Modify Publish Result Task
Display name: Publish Test Results
Test Result Format: Junit
Test Result Files : $(System.DefaultWorkingDirectory)\Results\*.xml
(In your case it might be different this should point to the file where your junitReport.xml file is located in the previous step.)
Upload test results files: Check the Checkbox
Please note that you will see that “unable to find the filename after execution if this path is wrong”, so please always do a double check on this.

information contains under publish test result page

Finally, click on Save & Queue so the build runs now.

Verifying the results after execution
If you have configured everything properly, as expected all the tasks should pass and will look like below

Highlight postmen API automation function

Viewing the Test Summary when clicking the browser back,
Click on the Tests tab to view the Test Summary.

shows over all summary
Graphical bar of company

Integrate Katalon with Azure DevOps

Reading Time: 3 minutes

As I am going to write a blog series over Automation using Katalon Studio and Azure DevOps. I’ll cover all the topics including Automation in CICD pipeline, Reporting, Association of Test Cases, and many more in the different blog posts.

In this blog post of the series, we will see how we can integrate Katalon with Azure DevOps with Automation.


Katalon Studio is a powerful automation tool to simplify Web, API, Mobile, Desktop Automated Tests. It can be utilized for integration with popular CI/CD tools such as Azure DevOps, Jenkins, TeamCity, etc.

You need to have Katalon Studio version 7.0.0 or later to use the Azure DevOps extension.

This extension is NOT available for Linux.

  • Must have a Trial or Valid License (Always use your business email for trial Account).
  • Azure DevOps Service Account with the required permission.
  • Installation of Katalon for Azure DevOps extension.
  • Katalon Studio command for console mode execution.
  • The command will invoke Katalon Studio Tests task for execution so a Katalon build is needed for each execution.

So, let’s begin, please follow the below steps.


I am assuming you have signup on the Katalon Portal with your business account and downloaded the latest Katalon Studio.

In my case, I am using a trial license and Katalon Studio 7.3.1 to integrate Katalon with Azure DevOps. You can use a trial license which will provide access to all the features for a limited time period.


Go to this link to install Katalon for Azure DevOps extension. Once you have installed the extension, you will need to configure to execute the Katalon Studio Tests task to complete the integration.


If you already have a repo for the Katalon project on Git or Azure, then go to step 4, otherwise follow the below steps.

In Azure DevOps, I have created a separate Project for demo purposes. Inside that project, I have created a repository by importing a sample Webservice project from Katalon Git Repositories. You can use your own custom Katalon Project.

You can also create an empty repository on Azure and make a clone on your local machine. After that put your katalon project in that folder and commit those changes.

single window with different functionality

Regarding the Command Arguments, you can generate them from your Katalon Studio.

Click on Build CMD icon in Katalon Studio Tool. Click on the Browse button and select your Test Suit. Now click on the Generate Command button.

Note: Please leave out any irrelevant arguments such as -runmode-apiKeyOnPremises, etc.

step by step guidance to generate command for console mode

Now go to Pipeline in Azure DevOps to add Katalon Task.

  • If you are using Classic Editor to create a pipeline without YAML then you will get a screen like this. Search for Katalon and then click on the Add button.
step by step guidance to execute Katalon Studio Test

After adding the task, Now define the version of your Katalon Studio and Command Argument.

details form under Katalon Studio project

You can give your project path as given below by adding the relative path of your .prj file to D:\a\1\s\.

If you are using the Yaml option to create an azure pipeline. Search for Katalon and click on Task.

pipeline YAML Window

Now define the version of your Katalon Studio and Command Argument and click on Add button.

Azure pipeline YAML Window

 Now Save the pipeline and run it manually.

execute Katalon Studio project page

In the next blog post, I’ll write down about Reporting in Azure DevOps using Katalon.

Microsoft CRM Reporting

How to optimize automation using Azure DevOps

Reading Time: 3 minutes

In this blog, we are discussing a feature of DevOps by which we can optimize automation. Manual testing is out fashioned yet it is still important but if we work on big projects we always feel the testing phase should be performed rapidly. Here at moreYeahs we are optimizing automation using DevOps.

We are using selenium to do automation for testing of the dynamics CRM project. Using the .net Unit test project we created test cases. Under the TestClasses, we defined TestMethod which is basically test cases. Test Classes categories type of test. For best practice, we should always have some basic test cases which need to be performed each time we create a new build to do further development.

Before doing all these we need to write test cases that contain test steps. Test Steps describe the execution steps and expected results that are documented against each one of those steps. Each step is marked pass or fail based on the comparison result between the expected and actual outcomes.

basic step test

Save test case and copy its id.

Now we need to associate this test to our unit project for it we need to place code on the repository. From the test explorer, we need to associate the test as below.

Save test case and copy its id.
From the test explorer, we need to associate the test as below.

You need to add the ID of the test case created in azure DevOps’s test case.

You need to add the ID of the test case created in azure DevOps’s test case.

You got the link of a test case in ID column which directly opens into azure DevOps.

Here we are ready enough to use one of the most useful features of DevOps which provide true automation. Azure Pipelines is a cloud service that you can use to automatically build and test your code project and make it available to other users. It works with just about any language or project type. Azure Pipelines combines continuous integration (CI) and continuous delivery (CD) to constantly and consistently test and build your code and ship it to any target. Azure Pipeline is its self topic which I will cover on the next blog. Here I would like to discuss the pipeline that will automate the test cases.

Before creating a pipeline we need to create a configuration of test plan in Azure DevOps. The configuration is a platform on which the test code will run. Like which OS to use, which browser to use, etc. All these definitions provided in the configuration.

You got the link of a test case in ID column which directly opens into azure DevOps.

We need to assign a configuration to test suits so suits will use configuration to run its test cases.

The configuration platform

Now we are good to use pipeline’s vsTest task add it into a pipeline and configure it below.

Select test plan from the dropdown, select test suits, select test configuration.

check Test mix contains UI test as it is automation we need to check this.

Save and queue the pipeline and run it

Save and queue the pipeline and run it. you can see real-time logs as tasks are running.

We can get a summary of test cases also we can get logs of fail test cases.

We can get a summary of test cases also we can get logs of fail test cases. All these features going to provide ease in the development process and help develop more effective softwares.

Person using laptop

Project Development + Azure DevOps = Happy Developers

Reading Time: 3 minutes



Azure DevOps having a bunch of tools for developing and deploying end-to-end software. It has a very efficient capability to integrate with various leading tools used in software development. We don’t need to worry about language, a platform it supports most of it and provides you the ease of managing software development.



  • Azure Boards:
    You have to accept that while working on the project your team need various tool to manage their work items. Azure Board going to provide your team bunch of tools and services that manage the work for your software projects. With integrated reporting, customizable dashboard, managing your scrums meeting.
Fabrikam Fiber Board

Azure Pipelines:
This is the most exciting feature when it is an action that gives us the power to automatically build and test your project and provide it to other users as well. It flexible for any language or project type.
Azure Pipelines combines continuous integration (CI) and continuous delivery (CD) to constantly and consistently test and build your code and ship it to any target.

CI/CD Pipline
  • Azure Repos:
    Manage your code with version control tools provides you trackability on every check-in check-out. Working as a team we always need version control for a project code. Its always good practice to implement it.Azure Repos provides two types of version control: 1)Git: distributed version control 2)Team Foundation Version Control (TFVC): centralized version control
  • Azure Artifacts:
    With Azure Artifacts you can create and share Maven, npm, and NuGet package feeds from public and private sources with teams of any size. You can add fully integrated package management to your continuous integration/continuous delivery (CI/CD) pipelines with a single click.
Azure Artifact
  • Azure Test Plans:
    Quality is a vital aspect of software systems, and manual testing and exploratory testing continue to be an important technique for maximizing this. In today’s software development processes, everybody in the team owns quality – including developers, managers, product owners, user experience advocates, and more.Azure DevOps and TFS provide rich and powerful tools everyone in the team can use to drive quality and collaboration throughout the development process. The easy-to-use, browser-based test management solution provides all the capabilities required for planned manual testing, user acceptance testing, exploratory testing, and gathering feedback from stakeholders.
Test Plan - Web Team
2 person working on laptop

Azure Active Directory integration with SharePoint on-premises

Reading Time: 8 minutes

Integrating SharePoint on-premises with Azure AD provides you with the following benefits:

  • You can control in Azure AD who has access to SharePoint on-premises.
  • You can enable your users to be automatically signed-in to SharePoint on-premises (Single Sign-On) with their Azure AD accounts.
  • You can manage your accounts in one central location – the Azure portal.

To configure Azure AD integration with SharePoint on-premises, you need the following items:

  • An Azure AD subscription. If you don’t have an Azure AD environment, you can get a free account
  • SharePoint on-premises single sign-on enabled subscription

1. Adding SharePoint on-premises from the gallery

2. Configure Azure AD single sign-on

3. Configure SharePoint on-premises Single Sign-On

4. Enable Azure Authentication provider to Sharepoint Web application

5. Setup People picker to assign permission to the SharePoint site

6. Test the single-sign-on

let’s start with the real steps…


To configure the integration of SharePoint on-premises into Azure AD, you need to add SharePoint on-premises from the gallery to your list of managed SaaS apps.

To add SharePoint on-premises from the gallery, perform the following steps:

a). In the Azure portal, on the left navigation panel, click the Azure Active Directory icon.

Azure Active Directory

b). Navigate to Enterprise Applications and then select the All Applications option.

enterprise applications

c). To add a new application, click New application button on the top of the dialog.

New applcation button

d). In the search box, type SharePoint on-premises, select SharePoint on-premises from result panel then click Add button to add the application.

search new app
Add from the gallery

In this section, you enable Azure AD single sign-on in the Azure portal.

To configure Azure AD single sign-on with SharePoint on-premises, perform the following steps:

  1. In the Azure portal, on the SharePoint on-premises application integration page, select Single sign-on.

2. On the Select a Single sign-on method dialog, select SAML/WS-Fed mode to enable single sign-on.

Select a single sing on method

3. On the Setup Single Sign-On with SAML page, click Edit icon to open Basic SAML Configuration dialog.

Setup Single Sign-On with SAML

4. On the Basic SAML Configuration section, perform the following steps:

Basic SAML Configuration
5.  a. In the Sign-on URL text box, type a URL using the following pattern: b. In the Identifier box, type a URL using the following pattern: urn:sharepoint:federation c. In the Reply URL text box, type a URL using the following pattern:

6.  On the Set up Single Sign-On with SAML page, in the SAML Signing Certificate section, click Download to download the Certificate (Base64) from the given options as per your requirement and save it on your computer.
Set up Single Sign-On with SAML
Note Please note down the file path to which you have downloaded the certificate file, as you need to use it later in the PowerShell script for configuration.

7. On the Set up SharePoint on-premises section, copy the appropriate URL(s) as per your requirement. For Single Sign-On Service URL, use a value of the following pattern: is the tenant id of Azure Ad subscription.

Set up SharePoint on-premises

Sharepoint On-Premises application uses SAML 1.1 token, so Azure AD expects WS Fed request from the SharePoint server and after authentication, it issues the SAML 1.1. token.

  1. In a different web browser window, sign in to your SharePoint on-premises company site as an administrator.
  2. Configure a new trusted identity provider in SharePoint Server 2016Sign into the SharePoint Server 2016 server and open the SharePoint 2016 Management Shell. Fill in the values of $realm (Identifier value from the SharePoint on-premises Domain and URLs section in the Azure portal), $wsfedurl (Single Sign-On Service URL), and $filepath (file path to which you have downloaded the certificate file) from Azure portal and run the following commands to configure a new trusted identity provider.


a. In Central Administration, navigate to Manage Web Application and select the web application that you wish to secure with Azure AD.

b. In the ribbon, click Authentication Providers and choose the zone that you wish to use.

c. Select Trusted Identity provider and select the identity provider you just registered named AzureAD.

d. On the sign-in page URL setting, select Custom sign in page and provide the value “/_trust/”.

e. Click OK.

Authentication Providers

Download the People picker form this link –

  • -Download AzureCP.wsp.
  • -Install and deploy the solution:
    Open Sharepoint management shell and run below command
    Add-SPSolution -LiteralPath "F:\Data\Dev\AzureCP.wsp"Install-SPSolution -Identity “AzureCP.wsp” -GACDeployment
  • Associate AzureCP with a SPTrustedIdentityTokenIssuer:
    $trust = Get-SPTrustedIdentityTokenIssuer "AzureAD"$trust.ClaimProviderName = “AzureCP”
  • Visit central administration > System Settings > Manage farm solutions: Wait until solution status shows “Deployed”.
  • Update assembly manually on SharePoint servers that do not run the service “Microsoft SharePoint Foundation Web Application” (see below for more details).
  • Restart IIS service and SharePoint timer service on each SharePoint server.

    Sign in to the Azure portal and browse to your Azure Active Directory tenant

    Go to “App Registrations” > “New registration” > Type the following information:

    Name: e.g. AzureCP
    Supported account types: “Accounts in this organizational directory only (TenantName)”

    Click on “Register”

    Note: Copy the “Application (client) ID”: it is required by AzureCP to add a tenant.

    Click on “API permissions” and remove the permission added by default.

    Click on “Add a permission” > Select “Microsoft Graph” > “Application permissions” > Directory > Directory.Read.All > click “Add permissions”

    Click on “Grant admin consent for TenantName” > Yes

    Note: “After this operation, you should have only the Microsoft Graph > Directory.Read.All permission, of type “Application”, with admin consent granted.

    Click on “Certificates & secrets” > “New client secret”: Type a description, choose a duration and validate.

    Note: Copy the client secret value: it is required by AzureCP to add a tenant.

  • Configure AzureCP for your environment.
    Go to SharePoint Central administration and select AzureCP

Click to Global Configuration and fill the below detail-
Azure Tenant Name –
Application ID –  Which is copied at the time of App registration
Application Secret – Which is copied at the time of App registration

Global Configuration and fill the below detail

The user or group must be granted access to the application in SharePoint on-premises. Use the following steps to set the permissions to access the web application.
        Note-*  For the group, we have to update the manifest file of registered SharePoint-On-premises application, In the manifest file update the below the property.
        Modify groupMembershipClaimsNULL, To groupMembershipClaimsSecurityGroup. Then, click on Save


Now lest assign the permission- In Central Administration, click on Application Management, Manage web applications, then select the web application to activate the ribbon and click on User Policy.

Application Management, Manage web applications

Under Policy for Web Application, click on Add Users, then select the zone, click on Next. Click on the Address Book.

Under Policy for Web Application

Then, search for and add the Azure Active Directory Security Group and click on OK.

Azure Active Directory Security

See under Policy for Web Application, the Azure Active Directory Group is added. The group claim shows the Azure Active Directory Security Group Object ID for the User Name.

Azure Active Directory Group

See under Policy for Web Application, the Azure Active Directory Group is added. The group claim shows the Azure Active Directory Security Group Object ID for the User Name.

Azure Active Directory Group is added

Browse to the SharePoint site collection and add the Group or user there, as well. Click on Site Settings, then click Site permissions and Grant Permissions. Search for the Group Role claim, assign the permission level and click Share.

Site permissions

Before the test, the single-sign-on, Let’s configure the seamless authentication setting so that internal users can auto-login to the SharePoint site with their windows logged-in account(Machine should be domain joined )
Here I will only show you the Group policy part, reaming AAD connector configuration you can do by following this article –

  1. Open the Group Policy Management Editor tool.
  2. Edit the group policy that’s applied to some or all your users. This example uses the Default Domain Policy.
  3. Browse to User Configuration > Policy > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page. Then select Site to Zone Assignment List.
4. Enable the policy, and then enter the following values in the dialog box:
  • Value name: The Azure AD URL where the Kerberos tickets are forwarded.
  • Value (Data): 1 indicates the Intranet zone.The result looks like this:Value name: https://autologon.microsoftazuread-sso.comValue (Data): 1
Enable the policy
5. Browse to User Configuration > Policy > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone. Then select Allow updates to the status bar via script.
Allow updates to the status bar via script

6. Enable the policy setting, and then select OK.

Enable the policy setting, and then select OK

To test the feature for a specific user, ensure that all the following conditions are in place:

  • The user signs in on a corporate device.
  • The device is joined to your Active Directory domain. The device doesn’t need to be Azure AD Joined.
  • The device has a direct connection to your domain controller (DC), either on the corporate wired or wireless network or via a remote access connection, such as a VPN connection.
  • You have rolled out the feature to this user through Group Policy.

To test the scenario where the user enters only the username, but not the password:

  • Sign in to in a new private browser session.

To test the scenario where the user doesn’t have to enter the username or the password, use one of these steps:

  • Sign in to in a new private browser session. Replace contoso with your tenant’s name.
  • Sign in to in a new private browser session. Replace with a verified domain (not a federated domain) on your tenant.



Thank You


Reference link –