Microsoft
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity
and access management service, which helps users to sign in and utilize
resources in:
- We can use Azure AD as identity management in both internal and external application such as Microsoft Office 365, the Azure portal, On-premises Application (Firewall, etc.) and thousands of other SaaS applications which supports Active Directory.
- Each account (email address) can contain multiple AADs
- Each AAD can have multiple subscriptions
Azure AD Features Pricing Details
Main Key Features of Azure AD
- Single Sign-On
- Self-service password reset
- Multi-Factor Authentication
- Conditional Access
- Identity Protection
Single Sign-On:-
Azure Active Directory Seamless
Single Sign-On (Azure AD Seamless SSO) automatically signs users their
corporate devices connected to their corporate network.
- We don’t have to enter our credentials for each service or application, one sign-in will be enough.
- Seamless SSO can be combined with either the Password Hash Synchronization or Pass-through Authentication sign-in methods.
- Seamless SSO is not applicable to Active Directory Federation Services (ADFS).
Self-Service Password Reset:-
- The use of enabling Self Service Password Reset AAD users can easily change or reset their passwords by themselves.
- To enable the SSPR, we need to upgrade our AAD type from Azure AD Free to Basic, Premium P1 or Premium P2 type. Azure offers a 1-month free trial of Premium P2.
- We can also enable the SSPR to All or particular users or groups.
Multi-Factor Authentication:-
MFA is a work based on requiring two or more authentication methods
For example:-
- Typically a password.
- A trusted device that is not easily duplicated, like a phone.
- Biometrics.
MFA is included for free in the Azure AD Premium P2, but it’s billable per user for the other types of AAD.
For O365 Users MFA is Free
For O365 Users MFA is Free
Identity Protection
The identity protection feature is only available in the PREMIUM P2 standalone service.
This feature will help us:
- Detect potential vulnerabilities for identities.
- Automate responses to suspicious actions.
- Investigate suspicious incidents and take action.
AAD uses ML algorithms to detect anomalies and generates a risk report determining the risk level.
Conditional Access:-
Thank you for reading, above contents are refered from Microsoft Official Docs and https://www.scribd.com/document/428801930/Azure-103-HandBook?fbclid=IwAR1juwECb4ols3ZbiHJdB88HtVBJSgQrlahQERU4Qjimp1DD62aZv4mk6CU