1. Home
  2. Training Library
  3. Microsoft 365
  4. Microsoft 365 Courses
  5. Planning for Microsoft 365 Implementation and Migration

Understanding Office 365 Identity and Azure Active Directory

Start course
1h 10m

Microsoft 365 represents a combination of Office 365, Windows 10 and Enterprise Mobility offerings – providing the most complete set of SaaS technologies that Microsoft has to offer. With Microsoft 365, organizations can deploy a complete solution encompassing both devices and applications, along with applying security and compliance policies to protect the entire suite.

This course will help you as you plan your migration of users and data to Microsoft 365, including planning your identity and authentication solution, and the on-premises infrastructure needed to support your migration. We’ll also help you understand and identify your business requirements and use cases, to help drive your decision-making process when planning to transition your infrastructure to the Microsoft cloud. We’ll spend some time focusing on networking and discuss some of the networking decisions that need to be made to ensure an optimal migration experience, as well as the best experience for your users after migration.

This course will also help you to identify which data needs to be migrated to the cloud, and what the best migration method will be based on your scenario – we’re also going to cover the different types of user identities, how your users will authenticate, and how that’s going to affect your migration planning.

In addition to talking about these different components, we’re also going to run through a few demos – showing you some of the practical steps involved, along with some tips and tricks we’ve picked up along the way. 

Learning Objectives

By the end of this course, you should be able to:

  • Plan a Microsoft 365 Implementation, including the supporting infrastructure
  • Plan your identity and authentication solution, both on-premises and in the cloud
  • Identify your users, data, and mailboxes to be migrated to Microsoft 365
  • Plan the migration of your groups and user data to Microsoft 365

Intended Audience

This course is intended for people who:

  • Want to become a Microsoft 365 administrator
  • Are preparing to take the Microsoft’s MS-100 exam 


To get the most from this course, you should have a general understanding of networking & server administration as well as IT fundamentals such as DNS, Active Directory and PowerShell.


Throughout this course we've been talking about identities that exist, both in Office 365 and Azure Active Directory, and we've been using these terms at times interchangeably. This can be a bit confusing, so let's break it down a bit. 

Microsoft 365 is a platform of services that you consume: services like Exchange Online, SharePoint Online, Teams, Intune, etcetera. Microsoft 365 doesn't provide its own identity structure. Instead, the identities that are used when connecting to any of the Microsoft 365 services, are provided by Azure Active Directory. Similar to Active Directory On-Premises, Azure AD provides a secure method of controlling both user identities and access to applications and services through account permissions and policies. In fact, when you login to the Microsoft 365 admin portal and look at your users' groups and contacts, you're just being shown a different view of your Azure Active Directory. 

Any user you create or synchronize into Office 365 is really being created in Azure Active Directory. Any views of active users, contacts, guest users, or deleted users in Office 365, are being surfaced directly from Azure Active Directory. This means that you can use either portal for creating and managing your users. Since I'm most often in the Microsoft 365 portal, I tend to prefer using that portal for most of my user management. As you'd imagine, while most of functionality overlaps, for instance you can create new users and license them from either portal, there are some things that can only be done in one portal or the other. A good example of this would be Azure AD group-based licensing, which is a feature of Azure AD Premium P1. 

In Azure Active Directory, you can configure security groups and assign licenses directly to the group. Any user created in Azure AD and assigned to that group, will automatically inherit the license packages assigned to this group. Of course, once the group licensing has been configured, you can go back to creating your users in the Microsoft 365 portal. Simply adding them to the correct security group will automatically assign their licenses.

About the Author

Jeremy Dahl is a Senior Technology Consultant who has spent the last 8 years focusing on Microsoft 365 technologies and has been an Office 365 MVP for the last 6 years. Jeremy is a self-proclaimed cloud addict who architects technology solutions that combine cloud technologies with on-premises solutions, allowing organizations to make the most of their existing infrastructure while still taking full advantage of the agility and scalability of what the cloud has to offer.

Jeremy can be found blogging about Microsoft 365 technologies on his website, masterandcmdr.com, and evangelizing the Microsoft cloud on Twitter.