Sync Microsoft Entra ID with School Manager

This article is for IT Support.

Entra ID (formally Azure Active Directory) is Microsoft’s cloud-based identity and access management solution. Entra ID can sync users and groups from Active Directory, Microsoft Teams, or Office 365 for authentication in School Manager. Additionally, once Entra ID groups have been synced, you can use the Groups to manage classrooms in Classwize.

  1. Go to Configuration > Authentication > Microsoft Entra ID.
  2. Select Enabled.
  3. Select Sync Hidden Group Memberships to sync groups created by Microsoft School Data Sync (SDS) with the “HiddenMemberships” property.
  4. Select the Group Name Field or Group Description.
    Entra ID will populate the Name column in Configuration > Users and Groups > Groups with the group name or group description.
  5. (Optional) Select Advanced Configuration then Strip Domain to allow users to log in as your.name instead of your.name@schoolname.com

    Important

    will only strip the specified domain, if your school has other secondary domains, this will not remove the domain from those users.

  6. Select Submit.

Link Entra ID

Warning

School Manager will sync all tenancy users when your school is part of a multi-tenancy domain.

  1. Use your domain administrator or global administrator Entra ID credentials to sign into Microsoft when prompted.
  2. Accept the permission requests:
    • Read directory data
    • Read all groups
    • Access the directory as the signed-in user
    • Read all users’ full profiles
    • Sign in and read the user profile
  3. Select Run Sync.

Troubleshooting Entra ID Sync

"Sorry, but we're having trouble with signing you in."

Ensure you use the correct domain controller associated with your school's Entra ID account.

"Need admin approval."

Ensure your domain administrator account has the Global Administrator permissions in Entra ID.

Troubleshooting “Sync Status: Failed” in School Manager

You can use this list of error messages to troubleshoot sync errors in School Manager. If sync continues to fail, contact Linewize Support and provide the displayed error.

Error Message How to resolve
400 - Your access token has expired. Please renew it before submitting the request.

Invalid credentials can cause this.

  1. Confirm the username and password for the linked account are correct and re-enter them in School Manager.
Entra ID Access Token Entra ID Sync is set up and enabled, but the Entra ID Credentials are not linked.
  1. Link your Entra ID account by selecting Link Credentials under the “Entra ID Credentials” section.
  2. After the correct account is linked, select Run Sync.
Error:invalid_request

Entra ID Domain is not in a valid format.

  1. Check your school’s domain is spelt correctly and there are no unsupported special characters. You can only enter one domain, not multiple.
Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.