Azure Active Directory (AAD) is a multi-tenant Active Directory service developed by Microsoft and provided via Microsoft public Azure:
Source: https://docs.microsoft.com/en-us/azure/active-directory/media/hybrid-id-design-considerations/hybridid-example.png
The goal of AAD is to have one single cloud-based identity management solution that provides Single Sign On (SSO) features for every cloud service that is being consumed. Mainly, Azure AD provides the following capabilities:
- Multi-factor authentication
- Self-service password and group management
- Role-Based Access Control
- Privileged account management
- Application usage monitoring
- Security auditing, monitoring, and alerting
One of the most interesting design goals is that by default, each directory's information is being saved three times, which means that two copies of all directory data exist in different Azure regions spread all around the world. This provides a highly available and scalable directory service compared...