Post on 13-Jan-2017
Designing Identity Solutions with Azure Active Directory APRIL 7, 2016
Brice McDowellSolution Architect
The Short Bio
• Solution Architect with focus on Office 365 platform• Collaborative solutions at my core for over 15 years• Expertise with Active Directory including full Forest migrations• Extensive Directory Synchronization work• Covered various industries including law, logistics, manufacturing and others
Brice McDowell
Agenda
• What is Azure Active Directory?• Azure Active Directory editions• Azure AD Connect• Azure Single Sign On• Cloud App Discovery
05/01/2023 4
What is Azure Active Directory?
Available in 3 editions:
A comprehensive identity and access management cloud solution
Free Basic Premium
05/01/2023
Identity as the control plane
Simple connection
Self-service
Single sign-on
Username
************
On-premises
Windows ServerActive Directory
Other directories
Cloud
Microsoft Azure AD
Agenda
• What is Azure Active Directory?
• Azure Active Directory editions• Azure AD Connect
• Azure Single Sign On
• Cloud App Discovery
05/01/2023 7
Available in 3 editions:
Free
• Directory Objects
• User/Group Management
• Single Sign-On
• Self-Service Password Change
• Connect
• Security / Usage Reports
05/01/2023 8
Available in 3 editions:
Basic
• Group-based access management / provisioning
• Company Branding
• Application Proxy
• SLA
05/01/2023 9
Available in 3 editions:
Premium
• Self-Service Options• Multi-Factor Authentication (Cloud and On-premises)• MIM CAL + MIM Server• Cloud App Discovery• Connect Health• Automatic password rollover for group accounts
Agenda
• What is Azure Active Directory?
• Azure Active Directory editions
• Azure AD Connect• Azure Single Sign On
• Cloud App Discovery
Making hybrid identity simple
Azure Active Directory Connect
• Consolidated deployment assistant
• All currently available sync engines replaced by new Connect sync engine
• Assisted deployment of ADFS (optional component for auth)
• Password sync can replace ADFS
Azure Active Directory Connect
DirSync
Azure Active Directory Sync
FIM + Azure Active Directory
Connector
ADFS ADFS
Sync engine
05/01/2023 12
Windows Azure Active Directory connecting Office 365
Connecting Office 365 components from a single directory
ExchangeOnlineSharePoint
OnlineSkypeOnline
? ??
Customer Directories on-premises
Why start from scratch?
05/01/2023
Your directory in the cloud
13
Connect and sync on-premises directories with Azure
Azure Active Directory
Other directories
HR Apps
05/01/2023 14
A seamless user authentication experience
Identity synchronization with password (hash) sync
Identity synchronization
AD FS
Agenda
• What is Azure Active Directory?
• Azure Active Directory editions
• Azure AD Connect
• Azure Single Sign On• Cloud App Discovery
05/01/2023 16
Your directory in the cloud with Single Sign OnConnect and sync on-premises directories with Azure
2500+ pre-integrated popular SaaS apps
+Other
directories
SaaS apps
HR Apps
05/01/2023 17
3 supported ways to sign in
Federated Single Sign-On
Password-based Single Sign-On
Existing Single Sign-On
05/01/2023 18
Protocols to connect with Azure AD
Agenda
• What is Azure Active Directory?
• Azure Active Directory editions
• Azure AD Connect
• Azure Single Sign On
• Cloud App Discovery
Over 2500 Pre-Integrated SaaS Apps
Cloud App Discovery
Reveal shadow IT:
Comprehensive reporting
SaaS app category
Number of users
Utilization volume
Discover all SaaS apps in use within your organization
Resources
• www.psclistens.com/strategic-infrastructure
• https://azure.microsoft.com/en-us/
• https://azure.microsoft.com/en-us/documentation/articles/active-directory-developers-guide/
• https://channel9.msdn.com/Azure
Contacting Brice
Brice McDowellPSC Group, LLC bmcdowell@psclistens.com (email and IM)
www.psclistens.com
@mcdowellbrice