Azure Active Directory (Azure AD / AAD)
- Azure AD is Microsoft's cloud-based identity and access management service, which helps employees sign in and access resources in:
  - External resources such as Microsoft 365, the Azure Portal and other SaaS applications
  - Internal resources, such as apps on the corporate network and intranet
- Windows Active Directory vs Azure Active Directory: Refer Here

- Azure AD Plans
  - Azure AD Free
    - User and group management
    - On-premises directory synchronization
    - Basic reports
    - Self-service password change for cloud users
    - Single sign-on across Azure, Microsoft 365 and SaaS apps
  - Azure AD Premium P1: in addition to all the Free features, P1
    - lets hybrid users access both cloud and on-premises resources
    - supports advanced administration, such as dynamic groups and self-service group management
    - Microsoft Identity Manager (on-premises identity and access management suite)
    - cloud write-back
  - Azure AD Premium P2: in addition to all the Free and P1 features, P2 offers
    - Azure Active Directory Identity Protection
    - Privileged Identity Management
- Terms
  - Identity: anything that can be authenticated
  - Account: an identity that has data associated with it
  - Azure AD account: an identity created through Azure AD
- Adding a custom domain to Azure AD
  - Add the custom domain, then verify it by adding a TXT record to DNS at the domain registrar (such as GoDaddy)

Multifactor Authentication
- For the Free plan, enable security defaults to enforce multi-factor authentication.
- In the Azure AD Premium plans, use Azure AD Conditional Access to prompt users for multi-factor authentication.
- Note: Ensure you have a Windows AD domain controller with some users (superheroes) and groups (avengers/justice league).
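
An added example, not part of the original notes: a Python audit of Conditional Access policies, in the JSON shape Microsoft Graph returns, that checks whether the Conditional Access item above really yields an enforced MFA prompt for all users. The policies and IDs are constructed samples and the function names are hypothetical; the check goes beyond the notes by also covering report-only state, exclusions and OR-combined grant controls.

```python
import json

# Constructed sample, shaped like the "value" array that Microsoft Graph
# returns from GET /identity/conditionalAccess/policies. IDs are placeholders.
SAMPLE_POLICIES = json.loads("""[
 {"displayName": "Require MFA for all users (constructed)", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"],
                           "excludeUsers": ["00000000-0000-0000-0000-000000000001"]},
                 "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
 {"displayName": "MFA pilot, report-only (constructed)",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
 {"displayName": "MFA or compliant device (constructed)", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"]},
                 "applications": {"includeApplications": ["All"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa", "compliantDevice"]}}
]""")

def requires_mfa(policy):
    # True only if the grant cannot be satisfied without MFA.
    # Simplification (assumption): only builtInControls are inspected.
    grant = policy.get("grantControls") or {}
    controls = grant.get("builtInControls") or []
    if "mfa" not in controls:
        return False
    return len(controls) == 1 or grant.get("operator") == "AND"

def audit(policies):
    # One finding per policy that strictly requires MFA.
    findings = []
    for p in policies:
        if not requires_mfa(p):
            continue
        users = p["conditions"]["users"]
        apps = p["conditions"]["applications"]
        findings.append({
            "name": p["displayName"],
            "enforced": p["state"] == "enabled",  # report-only never prompts
            "all_users_all_apps": "All" in users.get("includeUsers", [])
                                  and "All" in apps.get("includeApplications", []),
            "excluded": users.get("excludeUsers", []) + users.get("excludeGroups", []),
        })
    return findings

def tenant_enforces_mfa(policies):
    # True if some enforced policy requires MFA for all users and all apps.
    return any(f["enforced"] and f["all_users_all_apps"] for f in audit(policies))
```

Review every entry in a finding's `excluded` list: excluded accounts are never prompted, so each one should be an intentional exception such as an emergency-access account.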
