See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/368661575

Microsoft Azure Active Directory

Article · February 2023

CITATIONS READS

0 233

1 author:

Sardar Mudassar Ali Khan

Contour Software
155 PUBLICATIONS 7 CITATIONS

SEE PROFILE

All content following this page was uploaded by Sardar Mudassar Ali Khan on 20 February 2023.

The user has requested enhancement of the downloaded file.

 Microsoft Azure Active
Directory
Contents
Introduction: ........................................................................................................................................... 4
Azure AD is used by who? ....................................................................................................................... 4
IT admins: ............................................................................................................................................ 4
App developers: .................................................................................................................................. 4
Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers: .......................................... 4
What are the licenses for Azure AD? ...................................................................................................... 4
Azure Active Directory Free ................................................................................................................ 4
Azure Active Directory Premium P1.................................................................................................... 5
Azure Active Directory Premium P2.................................................................................................... 5
Pay-as-you-go feature licenses. .......................................................................................................... 5
Which features work in Azure AD? ......................................................................................................... 5
Application management.................................................................................................................... 5
Authentication .................................................................................................................................... 5
Azure Active Directory for developers ................................................................................................ 5
Business-to-Business (B2B) ................................................................................................................. 5
Business-to-Customer (B2C) ............................................................................................................... 5
Conditional Access .............................................................................................................................. 5
Device Management ........................................................................................................................... 6
Domain services .................................................................................................................................. 6
Enterprise users .................................................................................................................................. 6
Hybrid identity .................................................................................................................................... 6
Identity governance ............................................................................................................................ 6
Identity protection .............................................................................................................................. 6
Managed identities for Azure resources............................................................................................. 6
Privileged identity management (PIM) ............................................................................................... 6
Reports and monitoring ...................................................................................................................... 6
Important Points About Azure Active Directory ..................................................................................... 7
Get secured, adaptive access .................................................................................................................. 7
Offer seamless user experiences ............................................................................................................ 7
Unify identity management .................................................................................................................... 7
Simplify identity governance .................................................................................................................. 7
Unify your identity infrastructure management .................................................................................... 7
Conclusion ............................................................................................................................................... 7
 Published By DZone.com
https://dzone.com/articles/microsoft-azure-active-directory-1
Introduction:
Azure Active Directory (Azure AD) is a cloud service for managing identities and access. This solution
facilitates access to thousands of additional SaaS applications, the Azure portal, and external resources
like Microsoft 365 for your staff members. They can also access internal resources like apps on your
business intranet network and any cloud apps created by your company, thanks to Azure Active
Directory. See QuickStart: Create a new tenant in Azure Active Directory for more details on building
a tenancy for your business.

Azure AD is used by who?

Azure AD can be used for:

IT admins:
Based on your company's needs, utilize Azure AD to limit access to your apps and app resources as an
IT administrator. For instance, you may utilize Azure AD to make it mandatory for users to provide
two-factor authentication before accessing crucial corporate resources. Additionally, you may
automate user provisioning across your current Windows Server AD and your cloud apps, such as
Microsoft 365, using Azure AD. Finally, Azure AD provides you with strong features to automatically
assist in protecting user identities and credentials as well as to satisfy your access governance
requirements. Sign up for a free 30-day Azure Active Directory Premium trial to get going.

App developers:
As an app developer, you can add single sign-on (SSO) to your app using Azure AD as a standards-
based method, enabling it to function using a user's pre-existing credentials. Azure AD offers APIs that
may be used to create personalized app experiences using organizational data that already exists. Sign
up for a free 30-day Azure Active Directory Premium trial to get going. You may also view Azure Active
Directory for developers for additional details.

Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers:

You are already using Azure AD as a subscriber. Each tenant of Microsoft 365, Office 365, Azure, and
Dynamics CRM Online is also an Azure AD tenant by default. You can start controlling access to your
connected cloud apps right away.

What are the licenses for Azure AD?

Azure AD is necessary for sign-in processes and to aid in identity protection for Microsoft Online
Business Services like Microsoft 365 or Azure. All the free features of Azure AD are included when you
sign up for any Microsoft Online business subscription.

By upgrading to Azure Active Directory Premium P1 or Premium P2 licenses, you can additionally add
paid features to improve your Azure AD deployment. The commercial licenses for Azure AD are
constructed on top of your currently free directory. For your mobile users, the licenses offer self-
service, improved monitoring, security reporting, and safe access.

Azure Active Directory Free

Enables single sign-on across Azure, Microsoft 365, and a wide range of well-liked SaaS apps. It also
offers user and group administration, on-premises directory synchronization, basic reports, self-
service password reset for cloud users, and user and group management.

Azure Active Directory Premium P1

P1 now enables access to both on-premises and cloud resources for your hybrid users in addition to
the Free features. Additionally, it enables more sophisticated administrative features including cloud
write-back capabilities, dynamic groups, self-service group management, Microsoft Identity Manager,
and self-service password reset for your on-premises users.

Azure Active Directory Premium P2.

Along with the Free and P1 features, P2 also includes Privileged Identity Management and Azure Active
Directory Identity Protection, which together help to provide risk-based Conditional Access to your
apps and important corporate data as well as discover, limit, and monitor administrators' access to
resources and just-in-time access when necessary.

Pay-as-you-go feature licenses.

Additional feature licenses are also available, such as those for Azure Active Directory Business-to-
Customer (B2C). For your customer-facing apps, B2C can assist you in providing identity and access
control solutions. Consult the Azure Active Directory B2C documentation for further details.

Which features work in Azure AD?

Following your selection of an Azure AD license, your company will have access to some or all the
following features:

Application management
Utilize Application Proxy, single sign-on, the My Apps interface, and Software as a Service (SaaS)
programmed to manage your cloud and on-premises apps. See the documentation for Application
Management and How to enable secure remote access to on-premises applications for further details.

Authentication
Manage self-service password reset for Azure Active Directory, MFA, a custom list of forbidden
passwords, and smart lockout. Consult the Azure AD Authentication documentation for further
details.

Azure Active Directory for developers

Create applications that sign in with all Microsoft identities and obtain tokens to use the Microsoft
Graph, other Microsoft APIs, and custom APIs. Visit the Microsoft identity platform for further details
(Azure Active Directory for developers).

Business-to-Business (B2B)
Manage your external partners and guest users while keeping your own corporate data under your
control. Consult the Azure Active Directory B2B documentation for further details.

Business-to-Customer (B2C)
Customize and manage how users register with your apps, log in, and manage their profiles. Consult
the Azure Active Directory B2C documentation for further details.

Conditional Access
Access control for your cloud-based apps. Consult the documentation for Azure AD Conditional Access
for additional details.

Device Management
Control how you’re on-premises or cloud-based devices access your company's data. Consult the
documentation for Azure AD Device Management for additional details.

Domain services
Azure virtual machines can be added without the need for domain controllers to a domain. Consult
the documentation for Azure AD Domain Services for further details.

Enterprise users
Using groups and administrator roles, you may set up delegates, control app access, and assign
licenses. Consult the Azure Active Directory user administration documentation for further details.

Hybrid identity
To give a single user identity for authentication and authorization to all resources, independent of
location, use Azure Active Directory Connect and Connect Health (cloud or on-premises). See Hybrid
identity documents for further details.

Identity governance
Manage your organization's identity through employee, business partner, vendor, service, and app
access controls. You can also perform access reviews. For more information, see Azure AD identity
governance documentation and Azure AD access reviews.

Identity protection
Establish protocols to react to suspicious actions, identify any vulnerabilities affecting the identity of
your organization, and then resolve them. See Azure AD Identity Protection for further details.

Managed identities for Azure resources

Your Azure services can authenticate with any authentication service that Azure AD supports,
including Key Vault, by creating an automatically managed identity in Azure AD. For further
information, see What are managed identities for Azure resources.

Privileged identity management (PIM)

Manage, restrict, and keep an eye on access within your company. Access to resources in Azure AD,
Azure, and other Microsoft Online Services, such as Microsoft 365 or Intune, are all included in this
functionality. See Azure AD Privileged Identity Management for further details.

Reports and monitoring

Learn more about the usage and security trends in your environment. See Azure Active Directory
reporting and monitoring for further details.
 Important Points About Azure Active Directory
• Single sign-on simplifies access to your apps from anywhere
• Conditional access and multifactor authentication help secure data
• A single identity control plane grants full visibility and control of your environment
• Governance ensures the right people have access to the right resources, and only when they
need it

Get secured, adaptive access

Strong authentication and risk-based adaptive access restrictions can help preserve user experience
without compromising access to resources and data.

Offer seamless user experiences

To keep users engaged, cut down on time spent managing passwords, and eliminate friction, offer a
quick and simple sign-in process.

Unify identity management

To increase visibility and control, centrally manage all your identities and users' access to your
applications, whether they are hosted online or locally.

Simplify identity governance

With effective automated identity governance, you can guarantee that only authorized individuals
have access to apps and data for users and admins.

Unify your identity infrastructure management

With the Microsoft Entra admin center, you can manage and secure your whole identity infrastructure,
including Azure AD, more easily.

Conclusion
Azure Active Directory (Azure AD) is a cloud service for managing identities and access. This solution
facilitates access to thousands of additional SaaS applications, the Azure portal, and external
resources like Microsoft 365 for your staff members

View publication stats