
Mastering Identity and Access Management with Microsoft Azure

By: Jochen Nickel

Overview of this book

Microsoft Azure and its Identity and Access Management is at the heart of Microsoft’s Software as a Service, including Office 365, Dynamics CRM, and Enterprise Mobility Management. It is an essential tool to master in order to work effectively with the Microsoft Cloud. Through practical, project-based learning, this book will impart that mastery. Beginning with the basics of features and licenses, this book quickly moves on to the user and group lifecycle required to design roles and administrative units for role-based access control (RBAC). Learn to design Azure AD to be an identity provider and provide flexible and secure access to SaaS applications. Get to grips with how to configure and manage users, groups, roles, and administrative units to provide user- and group-based application and self-service access, including the audit functionality. Next, find out how to take advantage of managing common identities with Microsoft Identity Manager 2016 and build cloud identities with the Azure AD Connect utility. Construct blueprints with different authentication scenarios, including multi-factor authentication. Discover how to configure and manage the identity synchronization and federation environment along with multi-factor authentication, conditional access, and information protection scenarios to apply the required security functionality. Finally, get recommendations for planning and implementing a future-oriented and sustainable identity and access management strategy.
Table of Contents (22 chapters)
Mastering Identity and Access Management with Microsoft Azure
About the Author
About the Reviewer
Choosing the Right Technology, Methods, and Future Trends

Chapter 13. Delivering Multi-Forest Hybrid Architectures

Today, it's common for organizations to run several Active Directory forests, whether for historical reasons, to use a resource and account forest scenario, or to separate services from user accounts. Given these environments, there is a clear need to discuss the different options available for synchronizing identities to AAD and using them with Office 365. In this chapter, we will discuss the three most commonly used scenarios in the field, along with the synchronization and authentication options you can use to design a suitable and flexible IAM solution. Additionally, we will talk about the alternative login ID options and the Azure Active Directory Authentication Libraries (ADAL), for use with the new modern authentication scenarios with Office 365 and the Office suite installed on your computer. A solution without monitoring would be dangerous. For monitoring, we will take a deep dive into the AAD Connect Health functionality...