What is Azure Active Directory A comprehensive identity

What is Azure Active Directory? A comprehensive identity and access management cloud solution. It combines directory services, advanced identity governance, application access management and a rich standards-based platform for developers. It is available in 3 editions: Free, Basic and Premium.

Identity as the control plane

Drew Fogarty, Director, Marketing
  • Manages one or more departments
  • Authorizes use of SaaS apps for her departments (ex: performance management, expense reports, customer engagement)
  • Doesn’t want to be blocked by IT

Melvin Wallen, Marketing lead
  • Manages six marketing specialists
  • Responsible for granting, approving or validating his reports’ access to resources like apps and documents

Irwin McCray, Social media specialist - Starting today
  • Very sophisticated consumer of technology

jobTitle | Business_Title
givenName | First_Name
surName | Last_Name
department | Job_Family_ID
preferredLanguage | Locale_ID
manager | Manager_Reference
Address (streetAddress; city; state; country; postalCode) | Municipality, Country_Region_Reference, Country_Reference, Postal_Code
displayName | Formatted_Name
telephoneNumber | Phone_Data 'Work'
mailNickname | User_ID
physicalDeliveryOfficeName | Work_Space__Reference
mobile | Phone_Data 'Mobile'

IsActive | IsSoftDeleted
Alias | userPrincipalName
Email | Mail
EmailEncodingKey | “ISO-8859-1”
LanguageLocaleKey | “en_us”
FirstName | givenName
LastName | surname
LocaleSidKey | preferredLanguage
TimeZoneSidKey | “America/Los_Angeles”
Username | userPrincipalName
UserPermissionsCallCenterAutoLogin | False
UserPermissionsMarketingUser | False
UserPermissionsOfflineUser | False

Azure Active Directory DMZ Corporate Network

Set-MsolUser -UserPrincipalName <UserPrincipalName> -StrongPasswordRequired <Boolean>
Set-MsolUser -UserPrincipalName <UserPrincipalName> -PasswordNeverExpires <Boolean>
Set-MsolUserPassword -UserPrincipalName <UserPrincipalName> -NewPassword <New Password> -ForceChangePassword <Boolean>
Set-MsolPasswordPolicy -DomainName <Domain Name> -NotificationDays <Number Of Days> -ValidityPeriod <Number Of Days>
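An added example, not part of the original slides: a read-only audit that flags accounts where the two per-user switches set by Set-MsolUser above have been weakened. It assumes input objects shaped like Get-MsolUser output (UserPrincipalName, StrongPasswordRequired, PasswordNeverExpires); the function name Find-WeakPasswordSetting and the sample accounts are constructed for illustration.

```powershell
# Added example: report accounts whose per-user password settings weaken policy.
# Find-WeakPasswordSetting is a hypothetical helper name, not an MSOnline cmdlet.
function Find-WeakPasswordSetting {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$User
    )
    process {
        $findings = @()
        # StrongPasswordRequired = $false means a strong password is not enforced.
        # A $null value (setting never touched) is not flagged.
        if ($User.StrongPasswordRequired -eq $false) {
            $findings += 'StrongPasswordRequired disabled'
        }
        # PasswordNeverExpires = $true takes the account out of the domain
        # ValidityPeriod configured with Set-MsolPasswordPolicy.
        if ($User.PasswordNeverExpires -eq $true) {
            $findings += 'PasswordNeverExpires enabled'
        }
        if ($findings.Count -gt 0) {
            [pscustomobject]@{
                UserPrincipalName = $User.UserPrincipalName
                Findings          = $findings -join '; '
            }
        }
    }
}

# Constructed sample data shaped like Get-MsolUser output (not real accounts).
$sampleUsers = @(
    [pscustomobject]@{ UserPrincipalName = 'drew@example.com'
                       StrongPasswordRequired = $true;  PasswordNeverExpires = $false }
    [pscustomobject]@{ UserPrincipalName = 'melvin@example.com'
                       StrongPasswordRequired = $true;  PasswordNeverExpires = $true }
    [pscustomobject]@{ UserPrincipalName = 'svc-sync@example.com'
                       StrongPasswordRequired = $false; PasswordNeverExpires = $true }
)

# Only melvin@ and svc-sync@ are reported; drew@ has both settings at the safe value.
$sampleUsers | Find-WeakPasswordSetting | Format-Table -AutoSize

# Against a live tenant (after Connect-MsolService):
#   Get-MsolUser -All | Find-WeakPasswordSetting
```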

Diagram components shown on each slide of this sequence: Self-Service Password Management cloud service; DMZ; TailspinOnline.com corpnet (AD DS, Azure AD Connect, FIM/MIM, Active Directory, Applications).

When password writeback is enabled, Azure AD Connect creates a private service bus session and listens for password updates.

Is the user federated SSO or password sync?

For on-premises user: Azure AD sends the password to Azure AD Connect and attempts to set it on Windows Server AD.

Does NOT meet history requirements: “Your password does not meet the password history requirements. Please try again…” The user is informed of the results and can try again if they fail to meet password requirements.

Azure AD sends the password to Azure AD Connect and attempts to set it on Windows Server AD.

Success: “Password has been reset!!!” The user is informed of the results and can try again if they fail to meet password requirements.

Success: FIM/MIM sync pushes password to other applications.

Active Directory Location SaaS Apps Reporting services User Activity and Devices

  • Tue, Oct 28 3:15 PM-4:30 PM EM-B214 Privileged Access Management for Active Directory
  • Wed, Oct 29 8:30 AM-9:45 AM EM-B316 Directory Integration: Creating One Directory with Active Directory and Azure Active Directory
  • Wed, Oct 29 3:15 PM-4:30 PM EM-B319 Microsoft Identity Manager vNext Overview
  • Wed, Oct 29 3:15 PM-4:30 PM CDP-B210 Cloud Identity: Microsoft Azure Active Directory Explained
  • Wed, Oct 29 5:00 PM-6:15 PM EM-B318 Free Your Apps: Introducing Microsoft Azure Active Directory Application Proxy and Windows Server Web Application Proxy
  • Thu, Oct 30 10:15 AM-11:30 AM CDP-B312 Microsoft Azure Active Directory Premium, in Depth
  • Fri, Oct 31 2:45 PM-4:00 PM EM-B313 Microsoft Azure Multi-Factor Authentication Deep Dive: Securing Access on Premises and in the Cloud
  • Thu, Oct 30 12:00 PM-1:15 PM EM-B310 Active Directory + BYOD = Peace of Mind
  • Thu, Oct 30 5:00 PM-6:15 PM DEV-B322 Building Web Apps and Mobile Apps Using Microsoft Azure Active Directory for Identity Management
  • Fri, Oct 31 8:30 AM-9:45 AM CDP-B207 Securing Organizations: Azure Active Directory Intelligence as a Differentiator

http://channel9.msdn.com/Events/TechEd
www.microsoft.com/learning
http://microsoft.com/technet
http://developer.microsoft.com

http://technet.microsoft.com/library/dn765472.aspx
http://technet.microsoft.com/en-us/library/hh546785.aspx
http://www.microsoft.com/en-us/server-cloud/products/windows-azure-pack
http://azure.microsoft.com/en-us/