Book Image

Mastering Identity and Access Management with Microsoft Azure

By : Jochen Nickel
Book Image

Mastering Identity and Access Management with Microsoft Azure

By: Jochen Nickel

Overview of this book

Microsoft Azure and its Identity and Access Management is at the heart of Microsoft’s Software as a Service, including Office 365, Dynamics CRM, and Enterprise Mobility Management. It is an essential tool to master in order to effectively work with the Microsoft Cloud. Through practical, project based learning this book will impart that mastery. Beginning with the basics of features and licenses, this book quickly moves on to the user and group lifecycle required to design roles and administrative units for role-based access control (RBAC). Learn to design Azure AD to be an identity provider and provide flexible and secure access to SaaS applications. Get to grips with how to configure and manage users, groups, roles, and administrative units to provide a user- and group-based application and self-service access including the audit functionality. Next find out how to take advantage of managing common identities with the Microsoft Identity Manager 2016 and build cloud identities with the Azure AD Connect utility. Construct blueprints with different authentication scenarios including multi-factor authentication. Discover how to configure and manage the identity synchronization and federation environment along with multi -factor authentication, conditional access, and information protection scenarios to apply the required security functionality. Finally, get recommendations for planning and implementing a future-oriented and sustainable identity and access management strategy.
Table of Contents (22 chapters)
Mastering Identity and Access Management with Microsoft Azure
About the Author
About the Reviewer
Choosing the Right Technology, Methods, and Future Trends

How does advanced identity and authentication reporting work?

With MIM hybrid reporting, you receive a unified view of the most common identity management activities that happen in your Azure AD or in the on-premise identity management solution, from password self-service reset to group management. To include the On-premise data, you need to install the reporting agent on all the MIM Service servers that need to be included. The agent uploads data from service requests in the MIM service to the tenant-specific reporting service in Azure Active Directory. When using this scenario, there is no dependency to the MIM SCSM Reporting.


You will still need to implement a local reporting infrastructure if you want to hold data for auditing purposes for longer than one month. The Azure Active Directory reports are kept for no longer than one month. The hybrid reporting feature is an Azure AD Premium licensed feature.

Additionally, the reporting data uploaded to your Azure Active Directory can be...