This Designing for Azure Identity Management course will guide you through the theory and practice of recognizing, implementing, and deploying the services on offer within your enterprise. Learn how to better the protection of your organization by designing advanced identity management solutions. Recommended for those who already have some experience with the subject, this course is comprised of 24 lectures, including demos, and expertly instructed by one of our MS Azure subject matter experts.
Learning Objectives
- Study and understand what Azure AD Domain Services do and what they can offer
- Learn to create and manage hybrid identities via Azure AD Connect
- Understand the principles of Azure MFA and SSO, and how to enable them
- Recognize and deploy the key principles of Azure AD B2B and B2C
- Learn and utilize Privileged Identity Management
Intended Audience
This course is intended for:
- IT professionals who are interested in getting certified with MS Azure
- Those looking to become Azure architects and/or tasked with designing identity management solutions
Prerequisites
- A mid-range knowledge of MS Azure is recommended before starting this course
- An understanding of identity management concepts
Related Training Content
For more courses related to MS Azure, visit our dedicated Content Training Library.
Azure AD Domain Services is a Microsoft cloud-based offering that provides managed domain services, such as domain join, group policy, LDAP, and Kerberos and NTLM authentication. The domain services provided are fully compatible with traditional on-prem Active Directory and they can be deployed without any need for deployment or management of domain controllers in the cloud. Azure AD Domain Services integrates with the existing Azure AD tenant and makes it possible for users to log in with their corporate credentials. Existing user accounts and groups can be leveraged to secure access to resources. As such, this offers a smoother transition of on-prem resources to Microsoft Azure. Companies leveraging a hybrid IT infrastructure will typically synchronize their identity information from their on-prem directories to the Azure AD tenant. As more of their on-prem applications are migrated to Azure, Azure AD Domain Services can become more useful. An important caveat to consider when deciding if Azure AD Domain services are the right solution is that password sync is mandatory for a hybrid organization to use Azure AD Domain Services.
This is required because users' credentials are needed for authentication via NTLM and Kerberos in the managed domain that is provided by Azure AD Domain Services. When considering Azure AD Domain Services, keep in mind that the managed domain is actually a stand-alone domain. It is not, and I repeat, it is not an extension of the on-prem AD domain. This is a common misconception among IT professionals. Also, because the domain is managed, the IT administrator does not need to, nor can he, manage, patch, or monitor the domain controllers for the managed domain. Likewise, there is no need to manage or even monitor AD replication within the managed domain. Quite frankly, there really isn't much for the administrator to do in the managed domain, especially since the administrator doesn't even have Domain Admin or Enterprise Admin privileges on the managed domain.
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.