Active DirectoryMicrosoft Technologies

Windows Azure Active Directory (WAAD)

4ac52e5b-b3ac-4fbd-bbc7-bd4bae8403da

In previous article I explain the difficulties had on “cloud” to extend organization’s identity management. Therefor most of the applications, services on cloud used to have their own identity stores.

With Windows Azure AD, it allows to extend the local infrastructure identity management to the cloud seamlessly to allow users to get self-service capabilities and single-sign-on access. So end users no need to worry about the way they can access organization’s resources, services etc. or where it’s located (on-premises or cloud).

In before when deal with identity management in hybrid cloud setup, most of time you need to “replicate” the setup on cloud and on-premises in order to get them work with proper access control. But Azure AD allows to “sync” with existing system and allows to control access management in central location.

Windows Azure Active Directory provides centralized identify management for office365, windows intune, over 1000 SaaS applications. Not only that it provides techniques, tools to integrate your own cloud-based application or services. It also allows to “sync” with in-house active directory environment using “DirSync” and AD FS (Active Directory Federation Services) features.

Currently there is 3 versions of Windows Azure Active Directory.

Free – Free edition allow you to sync with in-house active directory environments, get SSO with Azure services and thousands of Saas applications.

Basic – This version gets all the features of free version plus group-based access management, self-service password reset, windows azure active directory application proxy to publish on-premises web applications in to cloud. It also includes enterprise level SLA which guarantee 99.9% uptime. 

Premium – This version includes all the features of free and basic versions plus self-service group management, security reports and alerts, multi-factor authentication and Microsoft identity manager (MIM).

You can get more info from following nice video.

Major benefits of WAAD

1.    Centralized identify management – You can manage logins for AD or WAAD from any remote location and from any device.
2.    Advanced Access Control – you can set rules to control the access to cloud application and resources based on users, devices, locations etc.
3.    Single-Sign-On (SSO) – Provides SSO for cloud, on-premises resources and applications. It also supports for thousands of SaaS applications available in market.
4.    Application Proxy – we can allow external user access to applications published via in-built AD application proxy. Its access can control via rules and policies according to company requirements.
5.    Advanced Reporting – It provides daily usage reports, access reports. It also allow to use custom reporting based on azure Ad reporting API.

This is the end of the post and in next post lets see how to setup WAAD. If you have any question about the post, feel free to contact me on rebeladm@live.com

Image source: http://files.channel9.msdn.com/thumbnail/4ac52e5b-b3ac-4fbd-bbc7-bd4bae8403da.png

Related posts
Cyber SecurityMicrosoft Entra IDMicrosoft Technologies

Microsoft Entra lifecycle workflows Part 02 - How to synchronize value for employeeHireDate attribute from on-premises Active Directory ?

In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by…
Read more
Azure servicesMicrosoft Entra IDMicrosoft Technologies

Step-by-Step Guide : Automate JML(Joiners/Movers/Leavers) process with Microsoft Entra lifecycle workflows

JML (Joiners/Movers/Leavers) process of an organization has a major impact on its security and…
Read more
Cyber SecurityMicrosoft DefenderMicrosoft Technologies

Microsoft Defender for Identity Part 02 – Create Directory Service Account

In Part 01 of Microsoft Defender for Identity blog series, I have explained about Microsoft Defender…
Read more
Newsletter
Become a Trendsetter

Sign up and get the best of RebelAdmin, tailored for you.

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *