Deploying and Integrating Azure AD

This course provides the knowledge to integrate on-premise AD with Azure AD to enable a seamless identity throughout all cloud services.
Course info
Rating
(53)
Level
Intermediate
Updated
Jan 21, 2016
Duration
3h 25m
Table of contents
Which Path Is for You?
Examining On-premises and Cloud Directory Services Architecture
Extending Active Directory into Azure
Enabling Cloud Service Relationships with Federation
Adding Applications with Azure AD
Discovering Cloud Applications Used in Your Organization
Implementing MFA Using Azure AD
Reporting and Monitoring with Azure AD
Description
Course info
Rating
(53)
Level
Intermediate
Updated
Jan 21, 2016
Duration
3h 25m
Description

Many organizations leverage Active Directory for authentication and a centralized identity internally and look to extend this to cloud services. This course will show how to extend Active Directory to Azure based services and how to leverage Azure AD for a single identity throughout all services while integrating with your existing AD.

About the author
About the author

John Savill is an 11-time MVP, and he holds many Microsoft certifications including Azure Infrastructure and Azure Architecture specialist. John is the author of the popular FAQ for Windows and a senior contributing editor to Windows IT Pro. John has written eight books on Microsoft technologies including Mastering Microsoft Azure Infrastructure Services and Mastering Windows Server 2016 Hyper-V.

More from the author
Microsoft Azure Alert Configuration Playbook
Intermediate
1h 5m
Jun 12, 2019
Microsoft Azure Database Monitoring Playbook
Intermediate
1h 26m
Jun 6, 2019
Monitoring Microsoft Azure Data Storage
Intermediate
1h 8m
May 31, 2019
More courses by John Savill
Section Introduction Transcripts
Section Introduction Transcripts

Discovering Cloud Applications Used in Your Organization
Discovering Cloud Applications Used in Your Organization. We previously looked at this fantastic ability to add applications to your Azure AD instance. These are applications either federated with Azure or they're using some kind of credential staffing, but the upshot of that is, I don't have to manually maintain those relationships. Azure is doing that for me. I simply add applications to my Azure AD instance and then I provision them to users or groups of users and that's fantastic, but a question is going to arise. Which applications do I need to add in my organization? Now as an IT department, I'll have an idea of the ones that I think are used the most. I know we use Office 365. I know we use Azure, but what about the business units? What are they using? How do you find out the applications they're using that they've gone and provisioned just with their corporate cards? How do you know? And so the goal of this module is to understand the types of applications that may be being used in your organization and then how to discover the applications used within your company. So the types of applications there are and then which particular ones are being used, because with that information, I can then actually go and decide well these are the applications I should add to my Azure AD instance. These are the groups of users I should provision them to and I'll know how many users in which groups, what ones should I prioritize?

Implementing MFA Using Azure AD
Implementing MFA using Azure AD, so multi-factor authentication and there are a number of drivers behind this, so I want to cover why password are terrible. We don't want to use them anymore and this is very much an industry trend. If you look at Windows, Windows is really pushing to try and move away from passwords. We saw it with the picture password, a number of gestures on the screen, and we see it with Windows Hello where it recognizes a 3D image of our face. Pins are emphasized and a lot of times you think well these things sound simpler than a password so why is this a good thing? I'll get to that in a second, but just accept passwords are pretty crappy, we don't like those, and so using multi-factor authentication with Azure AD because multi-factor authentication can be intimidating. How do I get started with this? I often see these complex tokens and there must be a huge amount of infrastructure. Azure AD is flipping a switch. Now potentially the license is involved, but the actual implementation is very light, very easy to do. And then beyond MFA because we still have a password, enabling self-service password reset. So users forget their password. How can they reset it without having to go through the help desk? So looking at how Azure AD can enable that and even enable that to write back to your On-Premises Active Directory.

Reporting and Monitoring with Azure AD
Reporting and Monitoring with Azure AD. We've moved to this cloud identity. This is the focus for all of our connectivity to all of those cloud SaaS applications out there and we're going to make it as secure as possible. We're going to use things like MFA, but it does have the potential for more attacks. I'm using this single identity across all these different services. So in this module I want to look at some of the reporting and overall monitoring we can do to really make sure our identities are secure and well monitored as possible. So my goal is the need for the insight into Azure Active Directory using the Azure AD reports and also monitoring the health of the Azure AD Connect. Remember, this is what replicates the On-Premises Active Directory identities to the Azure AD identities, so if that's not healthy and it's not replicating correctly, then I'm going to get problems so I want to make sure that's as healthy as possible and there's a great solution to actually help me with that.