MindMap Gallery Azure AD
Basic introduction about Azure AD. Edited at 2022-03-08 09:31:19
Azure AD
  Overview
    Definition
      Directory service
      Identity and management solution
      Authentication and authorization solution
      Built into Microsoft Azure
    Identity as a Service
      Microsoft implementation of IDaaS
      Centralized and secure
      Identity store
      Authenticates users
      Cloud resources
      Multi-factor authentication
      Single sign-on
    AD Versions
      Active Directory
        Domain Services
        Federation Services
        Rights Management Services
        Certificate Services
        Lightweight Directory Services
      Azure AD Premium
        AD Premium P1
        AD Premium P2
      Azure AD Basic
    AD DS vs Azure AD
      Querying
        LDAP vs Microsoft Graph API
      Enterprise features
        Group policies, trusts, OUs
      Decoupling from servers
        No domain controllers
  Fundamentals
    Services & Features
      Azure AD Admin Center
        Managing users and computers
      Azure AD Join
        Managing laptop and desktop computers
      Azure AD Domain Services
        Managing old directory-aware applications
      SaaS and PaaS apps
        Managing SaaS and PaaS apps
      Application Proxy
        Authenticates you to on-prem apps
      Device Registration
        For BYOD
      Azure AD B2B
        Authenticates partner companies
      Azure AD B2C
        Manages identities of the general public
      Azure AD Connect
        Integrates on-prem AD
    Administration
      AD Connect is lightweight and comes with AD Connect Health
      Self-service for profile, password, groups and apps
      Delegation of groups and apps through ownership
      Automatic provisioning/deprovisioning of SaaS apps
      Delegation of device joining/registering to end users
      Smart lockout powered by machine learning
  Azure AD Connect
    Overview
      Implement if you require a hybrid setup
      Not required for a full cloud setup
      Integrates AD DS and Azure AD
      Installed on a member server
      Synchronizes users, groups and computers
      Bidirectional flow of configuration changes
      Single sign-on
      Federation with AD FS (if authentication is on-prem)
      AD Connect Health
  Users and Groups
    Users
      Federated Users
        AD DS and AD FS are present
        Provides federation and single sign-on
        Users are synced to the cloud via AD Connect
        Users can access both cloud and on-prem resources
        Authentication is on-prem
      Synchronized Users
        AD DS only, no federation
        Users are synced to the cloud via AD Connect
        Sync runs from on-prem to cloud
        Users can access both cloud and on-prem resources
        Authentication is in the cloud and on-prem
      Cloud Users
        Users are natively created in the cloud
        Cloud-only resources
        Authentication is in the cloud
      Source
        Multiple
        External Azure AD
        Microsoft Account
      User Type
        Guest
        Member
    Groups
      Security groups
        Similar to on-prem security groups
      Office 365 groups
        For Office 365
        Shared mailbox in Exchange
        Site collection in SharePoint
        Chat room in Teams
      Dynamic membership
  Device Management
    Azure AD Join
      For cloud-only environments
      At least Windows 10
      Managed via Intune
    Hybrid Azure AD Join
      Windows 8.1 and above
      Can be configured via the AD Connect tool
      For company-owned assets
    Device Registration
      For BYOD
      Windows and macOS
      Can enforce a minimal security baseline
      Managed via Intune
  External User Management
    Azure AD B2B
      For partner companies
      Send them an email to join your tenant
      Authentication is via their external identity provider
      Will soon replace AD FS and trusts
      Can invite non-Microsoft identities
    Azure AD B2C
      Customers accessing public-facing apps
      Identity lifecycle is self-service
      Scales to millions of users
      B2C directory is isolated
  Application Support
    SaaS applications
      App Gallery
        One-click provisioning
      Integrate non-Gallery SaaS apps
      Assign users and groups
      Assign owners
    PaaS applications
      Custom apps, in-house apps
      App registration
        Add a name and location
        Configure certificates or keys
        Choose Azure APIs
        Supports OpenID, OAuth, SAML
      Assign users and groups
      Assign owners
    Azure AD Domain Services
      Legacy directory-aware applications
      Apps that require Kerberos, NTLM and LDAP
      Refactor apps to use newer protocols
      Apps are running in the cloud
    Application Proxy
      Apps are running on-prem
      Authentication happens in Azure AD
      App Proxy service (Azure AD) talks to the App Proxy connector (on-prem)
  Azure AD Security
    Credentials
      Conditional access
        Location
        Rules
        AI learns users' login patterns
      Multi-factor authentication
    Azure AD Directory Roles (DR)
      Global Administrators
    Azure AD Identity Protection (IP)
      Flags users for risk
      Discovers irregular activities
      For monitoring and reporting
    AAD Privileged Identity Management (PIM)
      Just-in-time privilege
    AAD Entitlement Management (EM)
    AAD Access Reviews (AR)
    Identity Governance
  Regulatory Compliance Solutions
    Microsoft Trust Center
    Microsoft Compliance Manager
    Azure Security Center