Course Slides for notes.pdf
(
3525 KB
)
Pobierz
Azure Active Directory
Master Class
Kevin Brown
MCT (Microsoft Certified Trainer) since 2000
Azure Security Engineer
Azure Solutions Architect
Azure Administrator
M365 Enterprise Administrator
Microsoft Identity and Access Administrator
CISSP
and more….
What is a Master Class?
A Master Class is a course that focuses on one technology, and delivers depth into that topic.
A Master Class goes beyond what is required for certifications.
Intended for those that will become subject matter experts (SME).
This Azure Active Directory Master Class is designed for those that want a deep and immersive knowledge
of Azure Active Directory, which is at the core of Azure, Microsoft 365, Microsoft Dynamics, and other
Services.
Azure Active
Directory
(Azure AD)
1
Azure Active
Directory
(Azure AD)
Azure Active
Directory
(Azure AD)
Azure Active
Directory
(Azure AD)
2
Azure Active
Directory
(Azure AD)
Understanding Azure Active Directory
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service, which helps
your employees sign in and access resources in:
Who uses Azure Active Directory?
Azure AD is intended for:
IT admins:
As an IT admin, use Azure AD to control access to your apps, based on your business
requirements. For example, you can use Azure AD to require multi-factor authentication when accessing
important organizational resources. Azure AD gives you powerful tools to automatically help protect user
identities and credentials and to meet your access governance requirements.
App developers:
As an app developer, you can use Azure AD to add single sign-on (SSO) to your app,
allowing it to work with a user's pre-existing credentials. Azure AD also provides APIs that can help you build
personalized app experiences using existing organizational data.
Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers:
As a subscriber, you're already
using Azure AD. Each Microsoft 365, Office 365, Azure, and Dynamics CRM Online tenant is automatically an
Azure AD tenant. You can immediately start to manage access to your integrated cloud apps.
3
Custom Domain Name
Every new Azure AD tenant comes with an initial domain name,
<domainname>.onmicrosoft.com.
You can't
change or delete the initial domain name, but you can add your organization's names. Adding custom
domain names helps you to create user names that are familiar to your users, such as
alain@contoso.com.
Before you can add a custom domain name,
create your domain name with a domain
registrar.
A tenant represents an organization. It's a dedicated instance of Azure AD that an organization receives at
the beginning of a relationship with Microsoft. That relationship could start with signing up for Azure,
Microsoft Intune, or Microsoft 365, for example.
Each Azure AD tenant is distinct and separate from other Azure AD tenants.
Azure AD Licensing
•
Azure Active Directory Free/ Office 365.
Provides user and group management, on-premises directory
synchronization, basic reports, self-service password change for cloud users, and single sign-on across
Azure, Microsoft 365, and many popular SaaS apps.
•
Azure Active Directory Premium P1.
In addition to the Free features, P1 also lets your hybrid users access
both on-premises and cloud resources. It also supports advanced administration, such as dynamic groups,
self-service group management, Microsoft Identity Manager (an on-premises identity and access
management suite) and cloud write-back capabilities, which allow self-service password reset for your on-
premises users.
•
Azure Active Directory Premium P2.
In addition to the Free and P1 features, P2 also offers Azure Active
Directory Identity Protection to help provide risk-based Conditional Access to your apps and critical
company data and Privileged Identity Management to help discover, restrict, and monitor administrators
and their access to resources and to provide just-in-time access when needed.
https://azure.microsoft.com/en-in/pricing/calculator/?service=active-directory
https://www.microsoft.com/en-us/security/business/identity-access-management/azure-ad-pricing
4
All users must have an
account
The account is used for
authentication and
authorization
Types of users: Azure AD,
Active Directory and
Guest
Set-ExecutionPolicy RemoteSigned
Install-Module Az
Install-Module AzureAD
Connect-AzAccount
Much of the Azure Active Directory PowerShell for Graph module ( AzureAD) functionality has been rolled
into the new Azure PowerShell Az module ( Az ), it's not currently (and might never be) a replacement for the
full power of what you can achieve with AzureAD.
https://docs.microsoft.com/en-us/powershell/azure/?view=azps-7.2.0
https://docs.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0
5
Plik z chomika:
anonyus
Inne pliki z tego folderu:
SmartFTP10.7z
(11364 KB)
7. Set a disable and expiration date on a user account.mp4
(31826 KB)
1. Summary & Final Thoughts(1).mp4
(29525 KB)
008 Azure AD and Group Management using Azure CloudShell.mp4
(26834 KB)
009 Self-Service Password Reset (SSPR).mp4
(26422 KB)
Inne foldery tego chomika:
Pliki dostępne do 01.06.2025
Pliki dostępne do 08.07.2024
Pliki dostępne do 19.01.2025
Pliki dostępne do 21.01.2024
Pliki dostępne do 27.02.2021
Zgłoś jeśli
naruszono regulamin