Cloud Identities And Azure Active Directory

Identities are accounts by which users are identified. There are three types of identities that can be used while working with Office 365.

  1. Cloud Identities
  2. Synced Identities
  3. Federated Identities

Today, we will discuss more about Cloud Identities.

In Office 365, cloud identities are Office 365 user accounts. User accounts in Office 365 are stored in Azure Active Directory, which is a cloud-based user authentication service.

Microsoft Azure Active Directory is Microsoft's cloud-hosted Identity and Access Management Service.

This service provides identity management and access control capabilities for Office 365. Azure Active Directory provides services such as a cloud-based store for directory data, the login process, authentication, and federation. When users sign in to Office 365, they are authenticated against Azure Active Directory. Azure Active Directory is the cloud directory that Office 365 uses.

With cloud identities, there is no relation between on-premises Active Directory and Azure AD. No on-premises server is required and everything is managed by Microsoft for us.

There are four editions of Azure AD – Free, Basic, Premium P1, and Premium P2.

Free Edition

  1. Manage user accounts
  2. Synchronize with on-premises directories
  3. Single sign-on across Azure, Office 365 and other SaaS applications such as Google Apps, Dropbox, Workday, Salesforce etc.
  4. Self-Service password change for cloud users
  5. Connect tool – sync engine from on-premises directories to Azure Active Directory
  6. Three basic security / usage reports supported

Basic Edition

  1. All features of Free Edition
  2. Group-based application access
  3. Enterprise SLA of 99.9%
  4. Company Branding – Logon Pages, Access panel customization
  5. Self-Service password reset for cloud users
  6. Azure Active Directory Application Proxy

Premium P1 Edition

  1. All features of Basic Edition
  2. Self-Service group management
  3. Self-Service app management
  4. Self-Service application addition
  5. Microsoft Forefront Identity Manager
  6. Advanced security reports and alerts
  7. Self-Service password unlock with On-Premises writeback
  8. Multi-Factor authentication
  9. Conditional access based on group and location
  10. Conditional access based on device state

Premium P2 Edition

  1. All features of Premium P1 edition
  2. Identity protection
  3. Privileged Identity Management

We can manage user accounts and licenses either from the Office 365 admin center or with PowerShell cmdlets.
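The PowerShell route can also tell the three identity types listed at the start apart, which matters because cloud identities have their passwords managed only in Azure AD. The following is an added example, not code from the original article: the function name `Get-IdentityType` and the sample data are constructed, the objects are assumed to have the shape of `Get-MsolUser` and `Get-MsolDomain` output from the legacy MSOnline module, and treating every user in a federated domain as federated is a simplification.

```powershell
# Added example: classify accounts as Cloud, Synced or Federated identities.
function Get-IdentityType {
    param(
        [Parameter(Mandatory)] [object[]] $Users,    # shaped like Get-MsolUser output
        [Parameter(Mandatory)] [object[]] $Domains   # shaped like Get-MsolDomain output
    )
    # Map each verified domain to its authentication type (Managed or Federated).
    $authByDomain = @{}
    foreach ($d in $Domains) { $authByDomain[$d.Name.ToLower()] = $d.Authentication }

    foreach ($u in $Users) {
        $domain = ($u.UserPrincipalName -split '@')[-1].ToLower()
        $type = if ($authByDomain[$domain] -eq 'Federated') {
            'Federated'      # sign-in is redirected to an on-premises identity provider
        } elseif ($u.LastDirSyncTime) {
            'Synced'         # account was written by directory synchronization
        } else {
            'Cloud'          # account exists only in Azure AD
        }
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            IdentityType      = $type
            IsLicensed        = $u.IsLicensed
        }
    }
}

# Constructed sample data so the function runs without a tenant.
$sampleDomains = @(
    [pscustomobject]@{ Name = 'contoso.onmicrosoft.com'; Authentication = 'Managed' }
    [pscustomobject]@{ Name = 'contoso.example';         Authentication = 'Managed' }
    [pscustomobject]@{ Name = 'fed.contoso.example';     Authentication = 'Federated' }
)
$sampleUsers = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@contoso.onmicrosoft.com'
                       LastDirSyncTime = $null; IsLicensed = $true }
    [pscustomobject]@{ UserPrincipalName = 'bob@contoso.example'
                       LastDirSyncTime = [datetime]'2016-05-01T08:00:00Z'; IsLicensed = $true }
    [pscustomobject]@{ UserPrincipalName = 'carol@fed.contoso.example'
                       LastDirSyncTime = [datetime]'2016-05-01T08:00:00Z'; IsLicensed = $false }
)

Get-IdentityType -Users $sampleUsers -Domains $sampleDomains | Format-Table -AutoSize

# Against a real tenant, after Connect-MsolService:
# Get-IdentityType -Users (Get-MsolUser -All) -Domains (Get-MsolDomain)
```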

Managing users from Office 365 Admin Center: Log in to the Office 365 Admin site. In the first block, you will see the Users section.

Figure 1: Managing users from Office 365 Admin Center

If we click on the “Users >” link in the title bar, we will be redirected to Active Users.

Figure 2: Active Users

From the “Active Users” screen, we can manage the users. We can import / export users, search users, add new users, delete users, reset a password, synchronize the directory, etc.

In coming articles, we will see how to manage cloud identities, and more about synced identities and federated identities.
