Deploying Hybrid Identity Solutions using Azure AD
Lecture
Opsgility Gil
Intermediate
4 h 22 m
2017-03-24
Lecture Overview
In this course, students will learn the different cloud identity solutions that are provided by Azure Active Directory, and how to integrate them in a hybrid environment with your on-premises identity solution. Students will first be introduced to the issues with identity in today’s cloud-first world. Then there will be a thorough examination of several Azure Active Directory features, across the different service tiers available today. Starting from the Azure AD Connect synchronization tool, we move on to the differences between Azure AD B2B/B2C and how to deploy them. The next subject is Azure Active Directory Domain Services, after which we detail the integration with Office 365. The course ends with an extensive mapping of Azure AD Connect with ADFS Federation and the newest Azure AD Pass-through authentication. This course is also good preparation for the Microsoft Azure Infrastructure exam (70-533) as well as for the Office 365 Identity exam (70-346).
Objectives
  • Establishing a hybrid identity synchronization using Azure AD Connect
  • Implementing Azure AD premium features (Multi-Factor Authentication, Company Branding, Self-Service Password Reset, Azure Apps Access Panel)
  • Integrating Azure AD hybrid identity with public cloud SaaS applications, as well as with on-premises running applications
  • Re-developing Visual Studio applications for OAuth / OpenID Connect protocols
  • Exploring and implementing Azure Active Directory B2B / B2C
  • Integration between Azure AD and Office 365
  • Differences between Azure AD password sync, ADFS Federation and Pass-through authentication
Lecture Modules

In this module, the student is introduced to enterprise scenarios and the issues surrounding business identities. Then the features of Azure AD will be examined. Later modules will include a deeper dive into the topics first reviewed here.

  • Introduction to Azure Active Directory
  • Azure subscriptions
  • Azure authentication accounts
  • Creating an Azure Active Directory Tenant
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise:  Creating an Azure AD Tenant and setting the Default Directory of a Subscription

In this module you will be introduced to extending Active Directory on-premises directories to Azure AD, using Azure AD Connect.  Areas explored include enabling single sign-on for all cloud-based applications and synchronizing User attributes automatically between the Cloud and On-Premises.

  • Azure Active Directory – directory integration
  • Deploying Azure AD Connect
  • Using object synchronization service
  • Troubleshooting sync service
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise: Integrating an Azure AD with an On-Premise Active Directory via AD Connect

During this module the student will learn how to enable single sign-on to simplify user access to thousands of cloud applications from Windows, Mac, Android, and iOS devices. The personalized web-based access panel will be covered, where users can launch applications from the web or mobile apps using their company credentials. In addition, customizations of the portal with company branding will also be covered.

  • Managing Public Cloud SaaS Applications
  • Enabling Azure Active Directory Premium Features
  • Implementing Company Branding
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise: Enabling the use of SaaS applications through Password Single Sign-On

Building on the knowledge from module 3, the student will learn how to use the Application Proxy to go beyond SaaS applications and publish on-premises web applications to provide secure remote access and single sign-on to them. We will also detail the functionality of OAuth and how to update your web app code to integrate Azure AD authentication.

  • Publishing internal applications to Azure Access Panel using Azure Application Proxy
  • Exploring OAuth / OpenID Connect authentication protocols
  • Using Microsoft Graph API
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise: Enabling the use of SaaS applications identity using company branding

In this module students will learn how to delegate important tasks to employees, such as resetting passwords and creating and managing groups, which will then sync back to the on-premises Active Directory. The portal will then have another layer of security added with the implementation of Azure Multi-Factor Authentication. Students will learn how MFA prevents unauthorized access to both on-premises and cloud applications by providing an additional level of authentication.

  • Implementing Self-Service Password resets using Azure Active Directory
  • Exploring and deploying Azure Multi-Factor Authentication
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise: Empowering Users through self-service Password Resets and Implementing Multi-Factor Authentication to the My Applications Portal




In this module, you will learn about 2 recently-added features to Azure AD, namely Azure AD B2B and B2C (business to business / business to consumer). The introduction of B2B/B2C will provide high-level information on how companies can stay connected with partners and consumers using a cloud identity service that is more reliable and cost effective compared to on-premises systems. Built on Azure Active Directory, the highly secure cloud identity platform that handles billions of authentications per day, Azure Active Directory B2B/B2C is a highly available, global, identity management service for consumer-facing applications that scales to hundreds of millions of identities.

  • What is Azure Active Directory B2B / B2C
  • Implementing Azure AD B2B
  • Implementing Azure AD B2C
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise: Install and Configure Azure AD B2B/B2C in the Azure Portal






The introduction to Azure Active Directory Domain Services will help the student understand how Azure virtual machines can be joined to a domain without the need to deploy domain controllers. Users sign in to these virtual machines using their corporate Active Directory credentials and access resources seamlessly.

  • What is Azure Active Directory Domain Services
  • Implementing Azure Active Directory Domain Services
  • Related Hands-On Lab: Deploying Hybrid Identity Solutions using Azure AD
    • Exercise: Configure Azure Domain Services in the Azure Portal


Office 365 identity is completely based on Azure Active Directory, but a lot of the user management is done from within the Office 365 portal itself, which sometimes makes it confusing. Some features also overlap between the way Office 365 handles them and how they work natively within Azure AD (Multi-Factor Authentication is a good example). This module will highlight how both cloud identity systems are interconnected and work together in offering a secure, reliable and feature-rich identity solution.

  • Office 365 Tenants
  • Exploring the different Office 365 Identity Solutions
  • Integration options with Azure Active Directory identity solutions
  • Managing Identity objects using Office 365

In this module, we will discuss the difference between the long-standing Azure AD Federation (ADFS) hybrid identity solution and one of the newest updates to Azure Active Directory, Azure AD Pass-through authentication.

Students will learn the best practices, solution architecture and benefits of both solutions.

  • What is Active Directory Federation Services (ADFS)
  • ADFS Architecture
  • ADFS benefits
  • Azure AD Pass-through authentication

Learn Azure Active Directory features: In this lab you will learn the different aspects and key features of Azure Active Directory, and more specifically how it integrates in a hybrid identity solution.
