role-iq-logo
Rock [Azure]
See all Azure roles

Managing Identities in Microsoft Azure Active Directory

Microsoft Azure Active Directory brings modern, cloud-based features to traditional identity management. In this course, you will learn the basics of managing an Azure Active Directory environment, including users, groups, devices, and applications.
Course info
Rating
(11)
Level
Intermediate
Updated
Aug 6, 2018
Duration
2h 7m
Table of contents
Description
Course info
Rating
(11)
Level
Intermediate
Updated
Aug 6, 2018
Duration
2h 7m
Description

Securing access and authorization to your applications, data, and resources is critical to protecting your enterprise assets. You must provide proper access to users and devices when they need it, without being overly permissive. Microsoft Azure Active Directory can be leveraged to achieve those goals. In this course, Managing Identities in Microsoft Azure Active Directory, you will learn the fundamentals of managing an Azure Active Directory environment. First, you will learn the basics of an Azure Active Directory tenant. Next, you will explore how to manage users, groups, devices, and applications. Finally, you will examine how to leverage special features like Conditional Access and Self-service Password Reset to give your users a modern, protected experience. By the end of this course, you will be able to manage your Azure Active Directory environment effectively, use advanced features to improve the end-user experience, and provide higher security to your organization.

About the author
About the author

Ned Bellavance is an IT professional and Microsoft MVP with over 15 years of experience in the industry. Passionate about technology, he is always looking to embrace future trends and share new discoveries with the community.

More from the author
Deep Dive - Terraform
Intermediate
3h 39m
6 Feb 2018
Terraform - Getting Started
Beginner
3h 11m
31 Aug 2017
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Ned Bellavance, and welcome to my course, Managing Identities in Microsoft Azure Active Directory. Azure Active Directory is an Identity as a Service solution that expands the capabilities of traditional Active Directory on-premises, and serves as the identity layer for Office 365 and Microsoft Azure. In this course, you will learn about the features and functionality that exist within Azure Active Directory and how to manage the various resources and configurations found within the solution. We will be focusing on several topics within the course including configuring directories in Azure Active Directory, managing users and groups, managing devices and applications, and securing Azure Active Directory. By the end of this course, you will be able to manage your Azure Active Directory environment effectively and use advanced features to improve end-user experience and provide higher security to your organization. Before beginning this course, you should have a basic understanding of using the Azure portal, some familiarity with PowerShell, and a desire to grow your Azure Active Directory knowledge. I hope you'll join me on this journey to learn more about managing Azure Active Directory, and some of the excellent features within, with the course, Managing Identities in Microsoft Azure Active Directory, on Pluralsight.

Configuring Directories in Azure AD
Hello, and welcome to Managing Identities in Azure Active Directory. I'm Ned Bellavance, a Microsoft MVP in cloud and datacenter management, and this is the first module, Configuring Directories in Azure AD. So let's jump right in. The first thing that we're going to cover is Azure Active Directory; its structure and contents. You may already be somewhat familiar with Azure AD, especially if you're using Microsoft Azure or Office 365, since those require an Azure AD tenant, but we're going to dive a little bit more into what Azure AD is and how it functions so that you can better understand its capabilities. We'll also briefly review the way in which you can add custom domain names to your Azure AD tenant so you don't have to use the default onmicrosoft. com domain that comes when you start a new tenant. We'll also briefly review role-based access controls and permissions that exist in Azure AD. And finally, we'll look at the process of switching from one directory to another, in case you have multiple directories in your environment.

Managing Azure Active Directory Users and Groups
When you think about an identity management system, one of the fundamental things that you're going to want to do with that management system is create users and groups, and then assign those users and groups some level of permissions or access to resources within your organization. Not surprisingly, that's a fundamental feature of Azure Active Directory. So in this module, we're going to be talking about Managing Azure Active Directory Users and Groups. Hi everyone. This is Ned Bellavance, a Microsoft MVP in cloud and datacenter management, and let's get started with the module. In this module, we're going to be covering how to configure users and groups within Azure Active Directory. So we're going to review some of the common user and group settings that exist within Azure AD. We'll talk about some cool features that come with Azure AD, one of them is self-service password reset, and if you are a helpdesk admin, or a former helpdesk admin, that probably has you jumping for joy. And another one is self-service group membership, which again, helps you out with your helpdesk calls and your administrative overhead. We're also going to look a little bit at third-party access and how you can use business to business and external accounts to provide someone with an external account access to resources in your organization and control some of the features and functionality of that account. And finally, review a few of the potential identity sources that you can use with those B2B, or external accounts.

Managing Azure AD Devices and Applications
When you think about local Active Directory, after users and groups, you're probably thinking about registering devices or joining them to the domain, and then providing applications access to Active Directory so that they can perform authentication and determine access rights of users and groups. Azure Active Directory is very similar in that regard. So in this module, we're going to be covering Managing Azure Active Directory Devices and Applications. Hi everyone. I'm Ned Bellavance, a Microsoft MVP in cloud and datacenter management, and let's get started. In this module, we're first going to be covering Azure Active Directory device management. The first thing we're going to cover is how do you join a device to Azure Active Directory? You can't do a whole lot until it's joined. In order to join a device to Azure Active Directory there are some requirements and prerequisites that needs to be in place, so we're going to look at that as well. And then I talked about local Active Directory a little bit in the intro. There are some hybrid scenarios that are supported between Azure Active Directory and local Active Directory, and we'll talk through that a little bit as well. Then we'll move into the realm of Azure Active Directory applications. And the first thing we'll talk about is how do you add a new application, and there's different types of applications that you can add to Azure AD that interact with it in different ways. We'll talk about what those different types are and the implications of them. We're going to look at controlling access to applications through users and groups, and we'll also talk about how Single Sign-On integrates with Azure Active Directory.

Managing Access in Azure AD
One of the top concerns when it comes to doing something in the cloud is security. Most organizations are worried that if they let something loose in the cloud, then they've also lost all control over it, and that's just not the case with Azure Active Directory. There's a lot of ways to manage access in Azure Active Directory and also monitor that access. This module is Managing Access in Azure Active Directory. Hey everyone. I'm Ned Bellavance, Microsoft MVP in cloud and datacenter management, and let's get started. Alright, the first thing that we're going to talk about is access management. How can you manage user's access to resources using rules and conditions? So that's going to get into conditional access a little bit. The next thing we're going to look at is how do you review access? So you set up access for a user, but they changed functions, or they left the company, how do make sure that access gets tidied up? And finally, we're going to look at access monitoring. So I know things are happening behind the scenes, are there some ways that I can detect risky behavior and vulnerabilities automagically, or are there ways to manually discover and set up alerting so that I'm aware of what's going on in my access environment?