Updated: 2021-07-02 12:58:14
Cover Page
Title Page
Copyright and Credits
Mastering Identity and Access Management with Microsoft Azure Second Edition
About Packt
Why subscribe?
Packt.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Section 1: Identity Management and Synchronization
Building and Managing Azure Active Directory
Implementation scenario overview
Implementing a solid Azure Active Directory
Configuring your administrative workstation
Custom company branding
Summary and recommendations of the help information
Creating and managing users and groups
Set group owners for organizational groups
Delegated group management for organizational groups
Configure self-service group management
Create the sales internal news group as an Office 365 (distribution group)
Configure dynamic group memberships
Assign roles to administrative units
Creating an administrative unit
Adding users to an administrative unit
Scoping administrative roles
Test your configuration
Protect your administrative accounts
Provide user and group-based application access
Assign applications to users and define login information
Assign applications to groups and define login information
Self-service application management
Password reset self-service capabilities
Configure notifications
Test the password reset process
Using standard security monitoring
Integrating Azure AD Join for Windows 10 clients
Join your Windows 10 client to Azure AD
Verify the newly joined Windows 10 client
Configuring a custom domain
Configure Azure AD Domain Services
Test and verify your new Azure AD Domain Services
Summary
Understanding Identity Synchronization
Technology overview
Microsoft Identity Manager (MIM) 2016
MIM synchronization service
MIM synchronization service extensions
MIM service and portal
MIM service extensions
MIM password reset and user account unlock
MIM privileged access management
Additional solution
Cloud deployment based on identity director service
On-premises deployment based on MIM 2016
Azure Active Directory Connect
Synchronization scenarios
Single-forest integration
Multi-forest integration
Multi-Azure Active Directory Integration
Azure Active Directory Domain Services Integration
Stretched Active Directory to Azure IaaS
Azure Active Directory B2B integration
Azure Active Directory and Microsoft Office 365 synchronization
Identity and password-hash synchronization including SSO options
Identity synchronization including PingFederate integration
Identity and password-hash synchronization including ADFS integration
Azure Active Directory Connect high availability
Synchronization terms and processes
UserPrincipalName suffix decisions
Active Directory preparations
Source Anchor decisions
Connected Directories
Import flow
Placeholder objects
Synchronization flows
Inbound synchronization
Outbound synchronization
Joins
Connector objects
Disconnector objects
Export flow
Exploring Advanced Synchronization Concepts
Preparing your lab environment
Understanding declarative provisioning and expressions
Synchronization rules explained
Special considerations in advanced synchronization concepts
Using standard filters to exclude users and groups