SlideShare ist ein Scribd-Unternehmen logo

Azure Identity and access management

Als PPTX, PDF herunterladen
Dinusha Kumarasiri
Dinusha Kumarasiri

Concept of identity and how identity is used in public cloud (Azure). Various features provided by Azure AD

Technologie
1 von 15
Identity and Access Management Dinusha Kumarasiri
Agenda  Identity  Identity Management in On-premises  Azure AD  Azure AD Features  Scopes  Role Based Access Control  Identity Collaboration
Identity  Information that represent an agent (user / group)  Identity is used to authenticate against an identity provider  Used to access resources authorized for that identity
Identity management on-premises  Active Directory Domain Services  Custom  Protocols might not be compatible with cloud services  Kerberos  NTLM  LDAP
Azure Active Directory  Cloud based identity and access management service  Works as an identity provider  Can import on-premises identities to cloud
AAD Features : Authentication  Self-service password reset  Multi-Factor Authentication
AAD Features : Application Management  How do we connect with external applications?  How can we avoid using different credentials for each application?
AAD Features : Identity Protection  Automate detection and remediation of identity based risks  Investigate risks  Integrate with other platforms
AAD Features : Privileged Identity Management  Service to manage, control and monitor access to critical operations  Elevating existing permissions Just In Time (JIT)
AAD Features : Seamless Sign-on  Automatically signed into both on-premises and cloud-based applications  Pass-through authentication  Authentication agent in on-premises server  Credentials never leaves on-premises  Password hash synchronization  Azure AD stores the hash of hash of the passwords stored in on-premises AD  Azure AD Connect is used to synchronize
Scopes  Set of resources permissions, policies and costing can be applied at
Role Based Access Control (RBAC)  Access management to cloud resources  Security Principal  Role Definition
Identity Collaboration : B2B  Allow external identities to collaborate with organization  Allow external identities to use organization’s resources
Identity Collaboration : B2C  Business to customer identity as a service  Customers can use social accounts to connect
http://dinushaonline.blogspot.com @kumarasiri048

Empfohlen

Azure active directory
Azure active directoryAzure active directory
Azure active directory
Raju Kumar
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure AD
New Horizons Ireland
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
David J Rosenthal
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
Venkatesh Narayanan
 
[Azure Governance] Lesson 4 : Azure Policy
[Azure Governance] Lesson 4 : Azure Policy[Azure Governance] Lesson 4 : Azure Policy
[Azure Governance] Lesson 4 : Azure Policy
☁ Hicham KADIRI ☁
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor Technology
David J Rosenthal
 

Empfohlen

Azure active directory
Azure active directoryAzure active directory
Azure active directory
Raju Kumar
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Understanding Azure AD
Understanding Azure ADUnderstanding Azure AD
Understanding Azure AD
New Horizons Ireland
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
David J Rosenthal
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
Venkatesh Narayanan
 
[Azure Governance] Lesson 4 : Azure Policy
[Azure Governance] Lesson 4 : Azure Policy[Azure Governance] Lesson 4 : Azure Policy
[Azure Governance] Lesson 4 : Azure Policy
☁ Hicham KADIRI ☁
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor Technology
David J Rosenthal
 
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Edureka!
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
Karl Ots
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
Alert Logic
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1
Shawn Ismail
 
Azure Governance
Azure GovernanceAzure Governance
Azure Governance
Benjamin Hüpeden
 
Govern your Azure environment through Azure Policy
Govern your Azure environment through Azure PolicyGovern your Azure environment through Azure Policy
Govern your Azure environment through Azure Policy
Microsoft Tech Community
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
Azure governance
Azure governanceAzure governance
Azure governance
girish goudar
 
Azure role based access control (rbac)
Azure role based access control (rbac)Azure role based access control (rbac)
Azure role based access control (rbac)
Srikanth Kappagantula
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
BizTalk360
 
Azure Monitoring Overview
Azure Monitoring OverviewAzure Monitoring Overview
Azure Monitoring Overview
gjuljo
 
Azure 101
Azure 101Azure 101
Azure 101
Korry Lavoie
 
Azure AD Connect
Azure AD ConnectAzure AD Connect
Azure AD Connect
Sasha Rosenbaum
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
Robert Crane
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
Anoop Nair
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance Model
Karl Ots
 
Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
Sean Deuby
 
70 346 Managing office 365 identities
70 346 Managing office 365 identities70 346 Managing office 365 identities
70 346 Managing office 365 identities
clounoud
 

Weitere ähnliche Inhalte

Was ist angesagt?

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
David J Rosenthal
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance Model
Karl Ots
 

Was ist angesagt? (20)

Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1
 
Azure Governance
Azure GovernanceAzure Governance
Azure Governance
 
Govern your Azure environment through Azure Policy
Govern your Azure environment through Azure PolicyGovern your Azure environment through Azure Policy
Govern your Azure environment through Azure Policy
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Azure governance
Azure governanceAzure governance
Azure governance
 
Azure role based access control (rbac)
Azure role based access control (rbac)Azure role based access control (rbac)
Azure role based access control (rbac)
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
 
Azure Monitoring Overview
Azure Monitoring OverviewAzure Monitoring Overview
Azure Monitoring Overview
 
Azure 101
Azure 101Azure 101
Azure 101
 
Azure AD Connect
Azure AD ConnectAzure AD Connect
Azure AD Connect
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance Model
 

Ähnlich wie Azure Identity and access management

20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium
Robin Vermeirsch
 
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
Girish Kalamati
 
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADPremier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
uberbaum
 

Ähnlich wie Azure Identity and access management (20)

Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
 
70 346 Managing office 365 identities
70 346 Managing office 365 identities70 346 Managing office 365 identities
70 346 Managing office 365 identities
 
Office 365 MCSA TechEd
Office 365 MCSA TechEdOffice 365 MCSA TechEd
Office 365 MCSA TechEd
 
Azure multi factor authentication - Global Azure bootcamp 2018 security
Azure multi factor authentication - Global Azure bootcamp 2018 securityAzure multi factor authentication - Global Azure bootcamp 2018 security
Azure multi factor authentication - Global Azure bootcamp 2018 security
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD
 
SYDSP - Office 365 and Cloud Identity - What does it mean for me?
SYDSP - Office 365 and Cloud Identity - What does it mean for me?SYDSP - Office 365 and Cloud Identity - What does it mean for me?
SYDSP - Office 365 and Cloud Identity - What does it mean for me?
 
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
 
JoTechies - Cloud identity
JoTechies - Cloud identityJoTechies - Cloud identity
JoTechies - Cloud identity
 
20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium
 
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
 
SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity
 
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
 
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADPremier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
 
Azure Day 1.pptx
Azure Day 1.pptxAzure Day 1.pptx
Azure Day 1.pptx
 
AD Basic and Azure AD.pptx
AD Basic and Azure AD.pptxAD Basic and Azure AD.pptx
AD Basic and Azure AD.pptx
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad
 
Research paper.pptx
Research paper.pptxResearch paper.pptx
Research paper.pptx
 

Mehr von Dinusha Kumarasiri

Mehr von Dinusha Kumarasiri (20)

Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Migrating On-Premises Workloads with Azure Migrate
Migrating On-Premises Workloads with Azure MigrateMigrating On-Premises Workloads with Azure Migrate
Migrating On-Premises Workloads with Azure Migrate
 
Azure Event Hubs for Kafka.pptx
Azure Event Hubs for Kafka.pptxAzure Event Hubs for Kafka.pptx
Azure Event Hubs for Kafka.pptx
 
Future of Collaboration with Office 365.pptx
Future of Collaboration with Office 365.pptxFuture of Collaboration with Office 365.pptx
Future of Collaboration with Office 365.pptx
 
Application Development with Azure
Application Development with AzureApplication Development with Azure
Application Development with Azure
 
Building Data Solutions with Azure
Building Data Solutions with AzureBuilding Data Solutions with Azure
Building Data Solutions with Azure
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Real time communication with Azure Functions with Azure SignalR
Real time communication with Azure Functions with Azure SignalRReal time communication with Azure Functions with Azure SignalR
Real time communication with Azure Functions with Azure SignalR
 
Azure active directory and role based access control
Azure active directory and role based access controlAzure active directory and role based access control
Azure active directory and role based access control
 
Step into cloud
Step into cloudStep into cloud
Step into cloud
 
PowerApps and Flow
PowerApps and FlowPowerApps and Flow
PowerApps and Flow
 
PowerApps with Common Data Services
PowerApps with Common Data ServicesPowerApps with Common Data Services
PowerApps with Common Data Services
 
Automating Business Processes with SharePoint & Flow
Automating Business Processes with SharePoint & FlowAutomating Business Processes with SharePoint & Flow
Automating Business Processes with SharePoint & Flow
 
ALM with SharePoint
ALM with SharePointALM with SharePoint
ALM with SharePoint
 
Real-time web applications using SharePoint, SignalR and Azure Service Bus
Real-time web applications using SharePoint, SignalR and Azure Service BusReal-time web applications using SharePoint, SignalR and Azure Service Bus
Real-time web applications using SharePoint, SignalR and Azure Service Bus
 
SharePoint Authentication
SharePoint AuthenticationSharePoint Authentication
SharePoint Authentication
 
Data Loss Prevention in SharePoint 2016
Data Loss Prevention in SharePoint 2016Data Loss Prevention in SharePoint 2016
Data Loss Prevention in SharePoint 2016
 
Introduction to SharePoint
Introduction to SharePointIntroduction to SharePoint
Introduction to SharePoint
 
Azure notification hubs
Azure notification hubsAzure notification hubs
Azure notification hubs
 
Introduction to SharePoint
Introduction to SharePointIntroduction to SharePoint
Introduction to SharePoint
 

Kürzlich hochgeladen

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Azure Identity and access management

  • 1. Identity and Access Management Dinusha Kumarasiri
  • 2. Agenda  Identity  Identity Management in On-premises  Azure AD  Azure AD Features  Scopes  Role Based Access Control  Identity Collaboration
  • 3. Identity  Information that represent an agent (user / group)  Identity is used to authenticate against an identity provider  Used to access resources authorized for that identity
  • 4. Identity management on-premises  Active Directory Domain Services  Custom  Protocols might not be compatible with cloud services  Kerberos  NTLM  LDAP
  • 5. Azure Active Directory  Cloud based identity and access management service  Works as an identity provider  Can import on-premises identities to cloud
  • 6. AAD Features : Authentication  Self-service password reset  Multi-Factor Authentication
  • 7. AAD Features : Application Management  How do we connect with external applications?  How can we avoid using different credentials for each application?
  • 8. AAD Features : Identity Protection  Automate detection and remediation of identity based risks  Investigate risks  Integrate with other platforms
  • 9. AAD Features : Privileged Identity Management  Service to manage, control and monitor access to critical operations  Elevating existing permissions Just In Time (JIT)
  • 10. AAD Features : Seamless Sign-on  Automatically signed into both on-premises and cloud-based applications  Pass-through authentication  Authentication agent in on-premises server  Credentials never leaves on-premises  Password hash synchronization  Azure AD stores the hash of hash of the passwords stored in on-premises AD  Azure AD Connect is used to synchronize
  • 11. Scopes  Set of resources permissions, policies and costing can be applied at
  • 12. Role Based Access Control (RBAC)  Access management to cloud resources  Security Principal  Role Definition
  • 13. Identity Collaboration : B2B  Allow external identities to collaborate with organization  Allow external identities to use organization’s resources
  • 14. Identity Collaboration : B2C  Business to customer identity as a service  Customers can use social accounts to connect