<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=578826073428599&amp;ev=PageView&amp;noscript=1">

Search the Remotely Knowledge Base

Remotely Quick Start Guide

Monday, 01-09-2023

Introduction

This quick start section of the Remotely Getting Started User Guide is intended for experienced Azure administrators familiar with the process of onboarding cloud applications. A complete walk-through of the process can be found in the Guided Setup section. 

Prerequisites 

To utilize the full feature set of the Remotely service you must configure an Enterprise Application and Service Principal within Azure. The Remotely Service will operate with limited features in the event you do not configure the Azure Cloud components.  

Required Permissions 

For Remotely RMM to connect and ingest data from an Azure tenant, the following permissions must be configured for an enterprise application. If you are unfamiliar with configuring an Azure application, please refer to Microsoft's Creating an Enterprise Application documentation.

API Graph Claim Value Permissions Type
Microsoft Graph  DeviceManagementConfiguration.Read.All  Read Microsoft Intune device configuration and policies  Application
Microsoft Graph  DeviceManagementManagedDevices.ReadWrite.All  Read Microsoft Intune devices  Application
Microsoft Graph  Directory.Read.All  Read directory data  Application 
Microsoft Graph  offline_access  Maintain access to data you have given it access to  Delegation
Microsoft Graph  openid  Sign users in  Delegation
Microsoft Graph  Organization.Read.All  Read organization data  Application
Microsoft Graph  profile View users' basic profile  Delegation
Microsoft Graph  SecurityAlert.Read.All  Read all security alerts  Application
Microsoft Graph  SecurityEvents.Read.All  Read your organization's security events  Application
Microsoft Graph  User.Read  Sign in and read user profile  Delegation
WindowsDefenderATP  Alert.Read.All  Read all alerts   Application
WindowsDefenderATP  Machine.Read.All  Read all machine profiles   Application
WindowsDefenderATP  Score.Read.All  Read Threat and Vulnerability Management score  Application
WindowsDefenderATP  SecurityRecommendation.Read.All  Read Threat and Vulnerability Management security recommendations   Application
WindowsDefenderATP  Software.Read.All  Read Threat and Vulnerability Management software information  Application
WindowsDefenderATP  Vulnerability.Read.All  Read Threat and Vulnerability Management vulnerability information  Application

 

Application Registration Information 

To enable application registration, Azure requires three data points from your Azure Tenant: 

  • Application (Client) ID 
  • Directory (Tenant) ID 
  • Application Secret

remotely_documentation__application_registration

For instructions on where to collect and configure these data points please refer to the corresponding paragraphs within the Guided Setup section.