Good afternoon,
We are an EMR 9.12 shop and we are planning for the next Phase of our 9.12 implementation. This phase will include Microsoft AD integration and Azure AD integration (once the appropriate ACM and SMPP versions are available in GA).
We are writing to ask if any other organizations have begun *testing* the Azure setup and integration piece in an EMR test environment. If so, we would be grateful to hear of your experiences - any lessons learned etc.
Thank you.
Verna
Hi,
Did you get any helpful information about Azure integration? We are in the same boat, getting ready for the CPS 12.3 upgrade.
Thanks.
The GE directions look pretty straightforward but I haven't pulled the trigger yet because I have some questions about internal/external domains. We have a different domain internally so we would use the [email protected] instead of [email protected]. GE "recommends" the latter so I am hesitant to do so until I am aware of any pitfalls down the road. To change my internal domain to match my external domain is a process. With the domain rename tool it is easy to do but you usually run into problems or have to keep making corrections as you encounter the old domain name. It is sometimes easier to export users, then create a new domain and import the users back.
Anyone have any input here?
Mike Zavolas
Tallahassee Neurological Clinic
Anyone else who has set up Azure and CPS 12.3.1 and would like to share their experiences? What worked, what didn't work, and so on and so forth? Much appreciated. Thanks.
Does anyone know if we need Azure AD Premium for this? And what's the Azure AD Connect Health agent that failed when I installed AD Connect?
I got this to work yesterday, following the directions of "Centricity Integration with Azure" document.
Azure setup was done last week...
I set up the free Azure with the option to go to Office 365 someday if I really want or if GE forces the issue. I am told that this is the easier way because if you decide to not provision for Office 365 and try to add it later you pretty much have to redo your provisioning for your domain. There is no mention of this in the GE document. I did not match my internal/external domains so my FQDN for AzureAD is tncneuro.com.onmicrosoft.com. The documentation from GE says that it is OK to do this but they encourage the other option of matching internal/external for some reason. I hope they don't change this down the road because it would be a huge project for me to change.
The GE part...
It seemed to work up until a restart which just sort of happened without too much warning. After the reboot things went downhill for a bit. Before I began I had some issues with the server saying that scripts are not allowed to be run. After looking into it I saw that the server was not disallowing it, contrary to the Microsoft documentation description of default settings, so I expressly allowed all scripting to be run for the PowerShell session with "powershell.exe -ExecutionPolicy Unrestricted". That is a parameter which lasts only as long as the PowerShell session is running, so the reboot restarted the PowerShell script without the exception I initially defined. I restarted the PowerShell session and the script, and the setup re-ran without a reboot, so I was able to get it installed.
I got the following so I assume I am good to go. I am not sure if any testing can be done to test AzureAD features in a test environment.
===================================================
JBoss service has finished deploying.
Running tests to verify installation?
Enter Y to continue, or N to cancel.: y
Checking if all of the components are deployed successfully.
JBoss server deployment is successfully.
Checking if the secret store is configured correctly.
Jul 17, 2018 5:23:18 PM org.picketbox.plugins.vault.PicketBoxSecurityVault init
INFO: PBOX000361: Default Security Vault Implementation Initialized and Ready
Secret store is configured correctly.
Verifying connectivity to AAD services
Connectivity to AAD services looks good.
Verifying the AAD configuration by generating a token.
Generated a token successfully.
Installation process has completed.
If there were errors during validation, please correct them and restart this installation.
Press Enter to continue...:
Mike Zavolas
Tallahassee Neurological Clinic
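For the script-policy problem described in the post above, an added example (not part of the original post or of the GE document): it reports which scope decides the effective execution policy, then sets a process-scope policy that, like the `-ExecutionPolicy` switch, ends with the session. The function name is hypothetical, and using `RemoteSigned` rather than `Unrestricted` assumes the installer scripts are local files.

```powershell
# Added example. Read-only except for the final process-scope change.
# Scopes in precedence order, highest first. The two Group Policy scopes
# override anything set in the session, for the user, or on the machine.
$precedence = 'MachinePolicy', 'UserPolicy', 'Process', 'CurrentUser', 'LocalMachine'

function Get-EffectivePolicySource {
    # Hypothetical helper: returns the first scope with a defined policy.
    $byScope = @{}
    foreach ($entry in Get-ExecutionPolicy -List) {
        $byScope["$($entry.Scope)"] = "$($entry.ExecutionPolicy)"
    }
    foreach ($scope in $precedence) {
        if ($byScope[$scope] -and $byScope[$scope] -ne 'Undefined') {
            return [pscustomobject]@{
                Scope              = $scope
                Policy             = $byScope[$scope]
                # A Process-scope policy is gone after a reboot or a new session.
                SurvivesNewSession = ($scope -ne 'Process')
            }
        }
    }
    # Every scope is Undefined: the built-in default of this Windows edition applies.
    [pscustomobject]@{
        Scope              = 'None (OS default)'
        Policy             = "$(Get-ExecutionPolicy)"
        SurvivesNewSession = $true
    }
}

Get-ExecutionPolicy -List | Format-Table -AutoSize
$source = Get-EffectivePolicySource
$source

if ($source.Scope -in 'MachinePolicy', 'UserPolicy') {
    Write-Warning "Policy '$($source.Policy)' is enforced by Group Policy; a process-scope change will not take effect."
} else {
    # RemoteSigned runs local scripts and still refuses unsigned scripts that
    # carry a downloaded-from-the-internet mark. Re-run this after any restart.
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned -Force
}
```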
I have set up an Azure AD directory as a test but now I want to remove it. Does anyone know how to remove Azure AD Connect and delete the directory for a clean start? I uninstalled AD Connect from the server, but in Azure it won't let me delete the directory because the users are not deleted. And I can't delete the users.
This article may be of some help. I haven't done it myself but it is a series of PowerShell commands to clean things up.
https://interworks.com/blog/mroy/2018/07/25/how-to-fully-remove-microsoft-azure-ad-connect/
Let me know if this works as it may be good to file away in case I ever need it.
Mike Zavolas
Tallahassee Neurological Clinic
That didn't work for me. I'm not that good with PowerShell but I ran the first command and I got a bunch of errors.
"unable to find repository with sourcelocation"
"no match was found for the specified search criteria and provider name 'NuGet'"
"unable to find package provider 'Nuget'."
Is it OK to run the Centricity AAD configuration script on a test environment?
I got the same error but it asked me if I wanted to import the NuGet provider now.
It also recommended the command to install NuGet as follows:
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Here is what I got when I ran the first command (as administrator)
Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.
PS C:\WINDOWS\system32>
PS C:\WINDOWS\system32> Install-Module -Name MSonline
NuGet provider is required to continue
PowerShellGet requires NuGet provider version '2.8.5.201' or newer to interact with NuGet-based repositories. The NuGet
provider must be available in 'C:\Program Files\PackageManagement\ProviderAssemblies' or
'C:\Users\serveradmin\AppData\Local\PackageManagement\ProviderAssemblies'. You can also install the NuGet provider by
running 'Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force'. Do you want PowerShellGet to install
and import the NuGet provider now?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its
InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from
'PSGallery'?
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): y
PS C:\WINDOWS\system32>
Yeah, I tried that but it did not work. What worked for me was finding out that SSL 3.0 was still enabled on my test server. I turned it off and made sure TLS 1.2 was enabled. Right after that, NuGet was able to be downloaded and installed.
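The check described in the post above, as an added example that is not part of the original thread: it reads the Schannel and .NET Framework settings that govern SSL 3.0 and TLS 1.2, opts the current session into TLS 1.2, and then retries the two commands quoted earlier in the thread. The registry paths are the standard Windows locations; the function name is hypothetical.

```powershell
# Added example. The checks are read-only; the only change is a TLS 1.2
# opt-in that lasts for the current PowerShell session.
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelProtocolState {
    # Hypothetical helper: reports the Enabled/DisabledByDefault values for one protocol.
    param([string]$Protocol, [string]$Role = 'Client')
    $p = Get-ItemProperty -Path (Join-Path $schannel "$Protocol\$Role") -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Protocol          = $Protocol
        Role              = $Role
        # A missing key or value means the default of this Windows version applies.
        Enabled           = if ($p -and $null -ne $p.Enabled) { $p.Enabled } else { 'not set' }
        DisabledByDefault = if ($p -and $null -ne $p.DisabledByDefault) { $p.DisabledByDefault } else { 'not set' }
    }
}

# 1. OS-level protocol switches. SSL 3.0 should show Enabled = 0;
#    TLS 1.2 should show Enabled = 1 (or 'not set' on versions where it is on by default).
foreach ($proto in 'SSL 3.0', 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
    foreach ($role in 'Client', 'Server') {
        Get-SchannelProtocolState -Protocol $proto -Role $role
    }
}

# 2. .NET Framework 4.x settings, which Windows PowerShell uses for its web requests.
$netKeys = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319',
           'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319'
foreach ($key in $netKeys) {
    $v = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Key                      = $key
        SchUseStrongCrypto       = $v.SchUseStrongCrypto
        SystemDefaultTlsVersions = $v.SystemDefaultTlsVersions
    }
}

# 3. Protocols this session will offer, before and after adding TLS 1.2.
"Before: $([Net.ServicePointManager]::SecurityProtocol)"
[Net.ServicePointManager]::SecurityProtocol =
    [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
"After:  $([Net.ServicePointManager]::SecurityProtocol)"

# 4. Retry the commands quoted earlier in the thread, in this same session.
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name MSOnline
```

The session opt-in in step 3 does not change the server's configuration; if step 1 still shows SSL 3.0 enabled, that has to be corrected in the registry or by policy separately.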
So we are going forward with the Azure setup this weekend and I just summarized what we are going to do.
1) Sign up for an Azure organization account. [email protected]
2) Add custom domain to the tenant domain.com.
3) Create a global administrator [email protected]
4) Update pay-as-you-go subscription.
5) Download AD Connect, install, enter [email protected] for the global admin and domain\administrator for the ADDS.
6) Hopefully everything goes well and it syncs afterwards.