Identity Management . . . . a fancy term for keeping tabs on credentials with access to our systems. All cyber security attacks share a common factor: the attacker gained access to a system. Commonly, this occurs using compromised user accounts.
Azure & Active Directory Center
ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.
Want to learn more about Active Directory?
Active Directory Administration Cookbook, 2nd Edition
In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2019.
AAD Roles for EXO Administrators
In one of my other articles “Accessing Exchange Online Objects” I outlined how you can interact with these objects. When you need to scope apps with application permissions to a subset of mailboxes, we can use ApplicationAccessPolicies as outlined here by Microsoft.
My email address is my identity
In Active Directory on-premises or Azure Active Directory (AAD), used by Office 365, our User Principal Name (UPN) is often the same as our email address. These days, we often log in with our email addresses, which means that whatever we’re “using under the hood” from an authentication point of view is the same as our email address. This convention of making our email address the same as our UPN is common practice and even advocated by Microsoft.
Active Directory Rights Management Services (AD RMS) is an on-premises information rights management solution that ships with Windows Server. It uses encryption and a form of selective functionality denial for limiting access to documents such as corporate emails and Microsoft Office documents, and the operations that authorized users can perform on them.
This is especially true for large organizations or universities with multiple brands or decentralized administration within a single Office 365 tenant, the default admin roles can cause headaches. While the delegation of permissions in Exchange Online works very well with Role Based Access Control (RBAC), other applications and services are hard to manage at a granular level. For example, license management or helpdesk for different countries, brands, and organizations. In these organizations, only a subset of administrative users are allowed to edit properties based on their region or brand.
Welcome to the fifth part of this article series about Azure AD Connect. In the previous article, we've taken a look at some of the optional features you can enable for directory synchronization. In this article, we'll cover a few more features -- more specifically the User and Group write-back capabilities.
Before discussing these features, note that they are currently in preview. You can test the features, but should not use them in production unless you have explicit permission by Microsoft.
Now that the disclaimer is out of the way, let's have a look at the User write-back feature.
Welcome to the fourth part of this article series about Azure AD Connect. In the previous article, I discussed permissions for a custom installation, and we dived a little deeper into the upgrade capabilities. Before jumping into the 'advanced' customization options such the filtering abilities, I wanted to take a look at some of the additional (preview) features that Azure AD Connect offers to date.
Configuring an Exchange Hybrid Deployment with Office 365 Part 3: Online Services Directory Synchronization Setup
After preparing federation between Office 365 and the on-premise Active Directory and configuring the Office 365 tenant in the previous post, this article describes the installation of the Microsoft Online Services Directory Synchronization Setup (DirSync).
DirSync is required to synchronize your on-premise accounts and security groups to Office 365.
The setup file has been downloaded from the Office 365 admin center previously. Be aware that you might receive an error during setup
Click Next in the welcome screen:
After preparing the AD FS requirements and installing the AD FS Server Role in part 1, this article describes the steps to configure the Active Directory Federation Services for further use and the eventual integration with Office 365.