Microsoft Official Course
Understanding Azure AD
*Webinar starts at 1 pm
Jackson Felden
jackson.felden@nhireland.ie
https://www.linkedin.com/in/jacksonfelden/
Webinar outline – 1 hour
• Overview of Azure Active Directory
• Understanding the identity models
  - Cloud identity
  - Synchronized identity
  - Federated identity
• Azure Active Directory Domain Services
Upcoming Webinars
• Understanding Azure Backup for Backup solution (Wednesday September 5th)
• Understanding the Office365 features for GDPR compliance (Thursday September 20th)
• Introduction to PowerShell (Friday September 21st)
• ***Understanding Azure AD (Friday October 5th)
• Understanding the migration paths to Azure (Thursday October 18th)
Overview of Azure Active Directory
Overview of Azure AD
[Diagram labels: Azure Apps, subscription 1, subscription 2]
Azure AD is Microsoft’s multi-tenant, cloud-based directory and identity management service. Azure AD combines core directory services, advanced identity governance, and application access management.
Overview of Azure AD
• Microsoft-managed
• Provides single sign-on
• Supports users, groups, applications, and devices
• Includes built-in MFA (Multi-factor Authentication)
• A maximum of 500,000 objects - Free edition
• No organizational units / flat structure
• No GPO (Group Policy Object)
• No support for LDAP
• etc.
Azure AD editions
• Azure Active Directory (free)
• Azure Active Directory Basic
• Azure Active Directory Premium P1
• Azure Active Directory Premium P2
Managing Azure AD users, groups, and devices
• Azure AD users:
  - Cloud identities
  - Directory-synchronized identities
• Management interfaces:
  - Azure portal
  - Windows PowerShell
  - Office 365 admin center
Understanding the identity models
Cloud identity
Pros:
• Very simple
• No servers on-premises
• Single place for user management
• No configuration on-premises
Cons:
• Doesn’t support Win7 computer join
• Doesn’t support computer management via GPO
• etc.
Synchronized identity
Pros:
• Simple
• No big changes to on-prem AD
• On-prem is the user “master copy”
• Users use the same password for on-prem and Azure resources (“Same SignOn”)
Cons:
• Might need a new server or VM
• 2 places for user management*
• Need to make sure the replication is always working
Synchronized identity - Authentication
[Diagram labels: DirSync, Synchronization, "Same SignOn", Azure AD Connect, Active Directory Domain Controller, Azure Active Directory, Office 365, Azure Apps]
Installing and configuring Azure AD Connect
• Use express settings for:
  - Single Active Directory forest
  - Default synchronization settings
• Use customized settings for:
  - Multiple forests with duplicate identities
  - Federation scenarios
  - Custom synchronization settings, for example writeback
• Installing Azure AD Connect with express settings:
  - Installs the synchronization engine
  - Configures Azure AD Connector
  - Configures the on-premises AD DS connector
  - Enables password synchronization
  - Configures synchronization services
  - Configures synchronization services for Exchange hybrid deployment (optional)
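Added example (not part of the original slides): the synchronized model depends on Azure AD Connect actually running, because a stalled sync means on-premises account disables and password changes stop reaching Azure AD. The function name Test-SyncHealth and the alert thresholds are assumptions; the property names follow the output of Get-ADSyncScheduler (ADSync module) and Get-MsolCompanyInformation (MSOnline module), and the sample values are constructed.

```powershell
# Added example: Test-SyncHealth is a hypothetical helper, not a Microsoft cmdlet.
function Test-SyncHealth {
    [CmdletBinding()]
    param(
        # Object with the properties returned by Get-ADSyncScheduler
        [Parameter(Mandatory)] [psobject] $Scheduler,
        # LastDirSyncTime / LastPasswordSyncTime from Get-MsolCompanyInformation (UTC)
        [Parameter(Mandatory)] [datetime] $LastDirSyncUtc,
        [Parameter(Mandatory)] [datetime] $LastPasswordSyncUtc,
        [datetime] $NowUtc = [datetime]::UtcNow,
        # Assumed alert thresholds; adjust to your own tolerance
        [timespan] $MaxDirSyncAge = [timespan]::FromHours(3),
        [timespan] $MaxPasswordSyncAge = [timespan]::FromHours(1)
    )

    $findings = New-Object 'System.Collections.Generic.List[string]'

    # Scheduler state: any of these stops changes from being exported to Azure AD
    if (-not $Scheduler.SyncCycleEnabled) {
        $findings.Add('Scheduler disabled: no automatic sync cycles will run.')
    }
    if ($Scheduler.StagingModeEnabled) {
        $findings.Add('Staging mode: this server imports but does not export to Azure AD.')
    }
    if ($Scheduler.SchedulerSuspended) {
        $findings.Add('Scheduler suspended: sync is paused until it is resumed.')
    }

    # Freshness: how long ago Azure AD last received directory and password data
    $dirAge = $NowUtc - $LastDirSyncUtc
    if ($dirAge -gt $MaxDirSyncAge) {
        $findings.Add(('Directory sync is {0:N0} minutes old: accounts disabled on-prem may still be active in Azure AD.' -f $dirAge.TotalMinutes))
    }
    $pwdAge = $NowUtc - $LastPasswordSyncUtc
    if ($pwdAge -gt $MaxPasswordSyncAge) {
        $findings.Add(('Password sync is {0:N0} minutes old: a password reset on-prem has not reached Azure AD.' -f $pwdAge.TotalMinutes))
    }

    [pscustomobject]@{
        Healthy                = ($findings.Count -eq 0)
        DirSyncAgeMinutes      = [int]$dirAge.TotalMinutes
        PasswordSyncAgeMinutes = [int]$pwdAge.TotalMinutes
        Findings               = $findings.ToArray()
    }
}

# Constructed sample values (not real tenant data): a server left in staging
# mode whose last directory sync was seven hours ago.
$now = [datetime]::new(2018, 10, 5, 12, 0, 0, [System.DateTimeKind]::Utc)
$scheduler = [pscustomobject]@{
    SyncCycleEnabled   = $true
    StagingModeEnabled = $true
    SchedulerSuspended = $false
}
$result = Test-SyncHealth -Scheduler $scheduler `
    -LastDirSyncUtc ($now.AddHours(-7)) `
    -LastPasswordSyncUtc ($now.AddMinutes(-10)) `
    -NowUtc $now
$result.Healthy
$result.Findings

# Against a live deployment (run on the Azure AD Connect server):
#   Import-Module ADSync; Connect-MsolService
#   $c = Get-MsolCompanyInformation
#   Test-SyncHealth -Scheduler (Get-ADSyncScheduler) `
#       -LastDirSyncUtc $c.LastDirSyncTime -LastPasswordSyncUtc $c.LastPasswordSyncTime
```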
Federated identity
Pros:
• Full single sign-on
• Audit all logons locally
• On-prem AD does the authentication
• Passwords don’t need to be synched
• Better option for advanced scenarios
• Immediate account disable and password changes
• Supports sign-in restrictions by network location, client or work hours
Cons:
• More complex
• Needs more servers
• Needs Active Directory Federation Services (AD FS)
• On-prem DCs, AD FS servers and internet link must be highly available
• Requires a public certificate and solid domain name
Federated identity - Authentication
The security token contains claims about the user, such as user name, group membership, User Principal Name (UPN), email address, manager details, phone number, and other attribute values.
Federation with Azure AD or O365 enables users to authenticate using on-premises credentials and access all resources in the cloud.
[Diagram labels: Azure Active Directory, Office 365, Azure Apps, Azure AD Connect]
Federated identity – High Availability
[Diagram labels: ISP1, ISP2]
Federated identity – on Azure
[Diagram labels: AD Connect, AD FS Proxy, AD FS Server, DC, VPN Gateway, VPN, On-premises]
Understanding the identity models
Note:
Use the simplest identity model that meets your needs.
It is possible to switch between the models when needed.
Azure AD Domain Services
Planning to deploy Active Directory domain controllers on Azure virtual machines
• Reasons for placing domain controllers in Azure:
  - Keeping authentication requests from Azure-based services within Azure
  - Extending on-premises Active Directory to Azure
  - Enhancing resiliency of directory synchronization and federation deployments
Azure AD Domain Services
• Supports:
  - LDAP
  - Azure Active Directory domain join
  - NTLM
  - Kerberos
  - Group Policy
  - OU
Key points:
• Avoids domain controllers in Azure
• Is a highly available service
• SLA: guarantee of at least 99.9%
• Minimises the traffic from Azure VM to your on-prem DC
• Supports your traditional directory-aware apps alongside your modern cloud apps
• Must be connected to a VNET and has an IP (client DNS)
• UPN format is recommended: Jackson@nh.ie instead of nhjackson
• Supports on-prem AD synchronization with Azure AD Connect
Azure AD Domain Services – Replication
Azure AD and Azure AD Domain Services
Azure AD Domain Services – Replication
On-premises AD, Azure AD and Azure AD Domain Services
Azure AD Domain Services - Setup
Azure AD Domain Services – Limitations
• Cannot use Azure AD Domain Services with federated Azure AD
• You cannot add domain controllers to the managed domain
• You cannot connect to “domain controllers” using Remote Desktop
• You are not granted Domain Administrator or Enterprise Administrator privileges
• No control over the synchronization (+-20 minutes)
• AD domain/forest trusts
• You cannot extend the schema
• Password lifetime policy, password-does-not-expire and user-must-change-password-at-next-logon are not synchronized from your Azure AD
• …
Azure AD Domain Services - pricing
*Webinar Survey

