In this video, Pete Zerger covers activating your Azure AD Premium P2 trial, assigning licenses to users, and automating license assignment with Azure AD group-based licensing.
- [Narrator] Now I'll demonstrate how to activate your Azure AD Premium P2 Trial and assign licenses to users. At this point, I'll assume you've already signed up for an Azure AD Trial. Let's start by activating our trial. I'll make sure I'm working in the new Azure Portal, as it provides features not available in the legacy Classic Portal. This is the Azure Portal. This is the Classic Portal. I'll click on Azure Active Directory, then Licenses.
I have no products activated yet, so I'll now click on All Products, and then Try/Buy. Under Azure AD Premium, I'll click on Free Trial, and then Activate. The Azure AD Premium Trial will be enabled almost instantly. At this point, I can create a user and assign Azure AD Premium Licenses right away. I'll click on Azure Active Directory, Users and Groups, All Users, and New User.
I can create a user and assign Azure AD Premium Licenses right away. I'll navigate to the Azure Active Directory, and All Users. You should automatically be signed into the Default Directory. Let's create a new user and assign a license. In the User form, I'll fill in the username. I'll provide a Login, using the domain name I registered earlier. And I'll fill in any profile information that I want. If you need the temporary password, simply click the Show Password box.
I'll assign any custom directory roles I like. I'll make Sally a global administrator. And to create the account, I'll simply click Create. The new portal gives us Per User Licensing options, but it also enables group-based licensing. I can assign licenses to a user by clicking on that user account and selecting Licenses, and assigning Azure AD Premium or any other license I wish. However, I can assign licenses on a per-group basis as well.
For example, for finance users, I can select Licenses and assign that same Azure AD Premium License all the members of that group all at once. Now here's a tip that enables a big win for your IT Department. In the Synchronized Identity model, I can synchronize identities from my on-premises Windows Server Active Directory, using Azure AD connect, which we'll cover in depth later in this course.
I can then add those users to a group automatically using a dynamic formula based on department, or any user account property I choose. And then assign licensing to the members of that group automatically. For example, if I wanted to automatically assign Azure AD Premium Licenses to my IT Department, I can create a group in Azure AD, that's populated based on the Department property, like so. So I'll create a group for IT.
I'll set my membership type to dynamic user, and I'll use a dynamic query. And I will simply look for the Department property, matching IT. Now any user synchronized into my directory with a department of IT will be added to this group automatically. I'll hit the Create button to create this group, and now, I can assign licenses to this group. So I'll click on my new IT group, Licenses, and I'll assign my Azure AD Premium P2 licenses.
And now, any user synchronized into my directory whose department matches IT, flows into membership of this group automatically, and receives their Azure AD Premium P2 license. That also means when the user leaves the organization, we can disable or rename the account, for their replacement and all the cloud-based licensing takes care of itself. And this works the same for any Microsoft cloud-based services like Office 365 or Power BI as well. Minimizing administrative effort across your organization.
In this course—the first in the series—Microsoft MVP Pete Zerger takes you through the basics of setting up endpoint protection. He begins by explaining how to set up Azure Active Directory Premium. Next, he goes into enabling multi-factor authentication, followed by setting conditions for secure access. To wrap up, Pete covers managing mobile devices with Intune, and publishing applications with Azure AD App Proxy.
- Setting up Azure Active Directory for an organization
- Enabling user-level and application-level multi-factor authentication
- Setting conditions for secure access
- Planning a mobile device management (MDM) strategy
- How Intune (standalone) MDM works
- How Intune mobile application management works
- Publishing applications with Azure AD App Proxy
- Assigning users and groups