From the course: Microsoft Entra ID: Basics

Building an Entra ID scenario


- Now that we've discussed the technical and business characteristics of Azure AD, let's switch gears and dive into the process of provisioning an Azure AD tenant. I'll list out the prerequisites you'll need for an ideal deployment and perform a few demonstrations where I'll walk you through the exact steps involved in the creation of a brand new Azure AD tenant. My intention behind including these demos is to show you how easy it is to spin up Azure AD, as opposed to getting a Windows Server Active Directory server up and running. That should hopefully make you appreciate the product better and motivate you to try it out yourself.

There are mainly two Azure AD deployment scenarios: enterprise organizations and small-medium businesses. Every organization will partially or entirely fit into one of these two categories. Here's how I define them. Enterprise organizations are those which have a significant on-premises infrastructure present. It could be servers, networking devices, or storage devices. Whereas small-medium businesses have very little to no infrastructure present on premises. Then, for identity and access, enterprise organizations have Windows Server Active Directory Domain Services running, whereas small-medium businesses do not have any Active Directory services set up. That means enterprise organizations have a centralized domain environment for administration, with Group Policy and everything, whereas small-medium businesses rely on a more independent workgroup environment for functioning. Enterprise organizations have an interconnected directory hierarchy. By that, I mean there are one or more forests, domains, sites, federations, trusts, all that stuff. Whereas, with small-medium businesses, you do not have any of that complex stuff. It's basically a non-interconnected structure.

These two broad categories are for reference only. It's not a hard and fast rule that every single criterion should be met to be put into one of these two categories. If the majority of the traits match, that should be enough. And, depending on which one of these two scenarios your environment falls under, it will decide your Azure AD deployment strategy.

There are two deployment strategies available, one for each scenario. For enterprise organizations, we will implement a hybrid cloud strategy. In this plan, you will provision an Azure AD tenant and integrate it with your existing on-premises infrastructure using the Azure AD Connect tool. So, both environments will coexist, be able to share identity information, and support workloads together. The distribution of the control and workload across the two environments is adjustable depending on your needs. You will need the AD Connect tool to implement the strategy correctly.

On the other hand, for small-medium businesses, you will implement a cloud-only strategy, or what I also like to call a standalone cloud strategy. In this plan, since there is no on-premises infrastructure present, Azure AD will function independently and host all workloads. The full control of the environment resides in the cloud. And, there's no need to use the AD Connect tool, because there's nothing to connect to it, right?

Now that we have the deployment strategy part cleared, here's what I'm going to do. Imagine a small business named World Traveler TV. It's a travel company that runs a web series showcasing popular tourist destinations and sells travel packages. It's headquartered in Hyderabad, India and has 10 employees. Nine of them are Heather, Audrey, Rae, Kali, Chris, Brian, Tracey, Matt, and Yash. The 10th one is me, Kunal, the IT administrator. We will be provisioning an Azure AD tenant for these 10 users of World Traveler TV.