Learn how to manage Azure Active Directory by using the Azure AD management tools.
- [Instructor] Now that we are familiar with the different flavors of Azure AD, Azure Active Directory, and that we understand the concepts of providing authentication and identity services as part of Azure Active Directory, we're ready to start and look at the management tools to manage our directories. So in order to access the management tool, I need to go into Internet Explorer and go to portal.azure.com. As soon as I type portal.azure.com, I'm provided with a logon page. From this logon page, I can sign in with my user account that has access to Azure.
Now, I'm requested to connect using a user account that is a work account, which means it's in a corporate Azure AD, or in a personal account which would connect me to the Microsoft public domains. So I click my username for my Azure AD management account and I'm going to put in my password. Now, the tool that opens up is the Azure portal. Now, this is the tool that I would use to manage all of my resources that are stored in Azure. All of the various resources that are Azure Active Directory and non-Azure Active Directory.
They are all part of my subscription. Now, this tool is very simple. The portal provides a list of resource shortcuts on the left where I actually see an All Resource shortcut as well that provides all of the resources that are currently hosted in Azure and that are associated with my account. As well, I have here Azure Active Directory. And this is where you'll be managing all of the Azure Active Directory components, the user accounts, the policies, the permissions, the domains, all of that will be managed through the Azure AD link or shortcut as part of the Azure portal.
Now, in about 2016, Microsoft updated this portal and actually created a new version of the Azure portal. So you might be familiar with a previous version of the Azure Active Directory portal. This one is really brand new and it's made to look like and feel like a lot of the other components that are Azure-related from Microsoft. So on the left-hand side, I have all of the various shortcuts that will bring me to the configuration options or the licensing options or the settings or security or devices or applications that are all going to be linked or authenticated through Azure Active Directory.
And we'll be looking at a lot of those throughout this video. Now, on the right-hand side, I have also my user account that links me to my profile and this is where I see the user account that I'm currently logged in with as well as the directory that I'm connected to. Now, there are multiple directories that I have that are associated to my account and I can connect to another directory if I want to directly from my logon page. And here, as part of the portal, if I click on a different directory, it actually opens up a separate instance of Azure Active Directory so this is a different instance of Azure Active Directory that is also connected to my user account or that my user account has permissions to.
So if I click on Azure Active Directory in this different instance, I see a separate instance of Azure Active Directory and that is going to be managed completely differently. This is very similar to having on-premises infrastructures with multiple active directory forests. These are separate directory entries completely. They're separate entities and they are managed independently of each other and besides the fact that my user account, which is actually in a different Azure Active Directory instance and that it has permission in this Azure Active Directory, it will show up as an external account.
So even though my account is a full administrator of this specific Azure Active Directory instance, it actually resides in a separate active directory instance. Therefore, it's connected to remotely. Now, one of the important things I want to show you right off the bat as part of this active directory structure is the Quick Start options. And if I click on Quick Start, you'll see that I have here, first of all, some training videos that will will help me understand a little bit more about the management of Azure AD. As well, I have some quick links here that provide some of the initial setup configurations that are going to be relevant for Azure AD.
Specifically here, the second option is get a free trial for Azure AD Premium. Now, in a previous video of this course, I mentioned the difference between Azure AD Basic and Azure AD Premium. Azure AD Basic is what I currently have and if I want, I can add Azure AD Premium. Now, if I just click here on Get a Free Trial and I click on Free Trial, it will add Azure AD Premium giving me some additional functionality such as branding functionalities and self-service functionalities for my user accounts.
Now, this is a one time trial and once I enable the trial, my users will have all those functionalities and I can assign my users to those Azure AD functionalities for Premium. However, this is a limited time trial. It will only last 30 days and after that I can never activate it again until I decide to purchase Azure AD Premium as part of my subscription and then add it to my Azure AD plan.
David shows how to implement and manage user and group accounts, join client computers, and implement single sign-on and multi-factor authentication. (Industry standard protocols such as SAML 2.0, WS-Federation, and OpenID Connect make sign-on possible on a variety of platforms.) To wrap up the course, David reviews the more advanced features in Azure AD and Azure AD Connect, including syncing on-premises Active Directory and Azure AD, and troubleshooting an Azure AD deployment.
- Directory as a service (DaaS)
- Using Azure AD management tools
- Creating an Azure Active directory
- Managing users and groups
- Enabling Active Directory self-service
- Implementing Azure AD authentication
- Running Active Directory reports