▶Book Description
Microsoft Azure and its Identity and Access Management is at the heart of Microsoft s Software as a Service, including Office 365, Dynamics CRM, and Enterprise Mobility Management. It is an essential tool to master in order to effectively work with the Microsoft Cloud. Through practical, project based learning this book will impart that mastery.
Beginning with the basics of features and licenses, this book quickly moves on to the user and group lifecycle required to design roles and administrative units for role-based access control (RBAC). Learn to design Azure AD to be an identity provider and provide flexible and secure access to SaaS applications. Get to grips with how to configure and manage users, groups, roles, and administrative units to provide a user- and group-based application and self-service access including the audit functionality.
Next find out how to take advantage of managing common identities with the Microsoft Identity Manager 2016 and build cloud identities with the Azure AD Connect utility. Construct blueprints with different authentication scenarios including multi-factor authentication. Discover how to configure and manage the identity synchronization and federation environment along with multi -factor authentication, conditional access, and information protection scenarios to apply the required security functionality.
Finally, get recommendations for planning and implementing a future-oriented and sustainable identity and access management strategy.
▶What You Will Learn
- Apply technical descriptions and solution architectures directly to your business needs and deployments
- Identify and manage business drivers and architecture changes to transition between different scenarios
- Understand and configure all relevant Identity and Access Management key features and concepts
- Implement simple and complex directory integration, authentication, and authorization scenarios
- Get to know about modern identity management, authentication, and authorization protocols and standards
- Implement and configure a modern information protection solution
- Integrate and configure future improvements in authentication and authorization functionality of Windows 10 and Windows Server 2016
▶Key Features
- Deep dive into the Microsoft Identity and Access Management as a Service (IDaaS) solution
- Design, implement and manage simple and complex hybrid identity and access management environments
- Learn to apply solution architectures directly to your business needs and understand how to identify and manage business drivers during transitions
▶Who This Book Is For
This book is for business decision makers, IT consultants, and system and security engineers who wish to plan, design, and implement Identity and Access Management solutions with Microsoft Azure.
▶Style and approach
A practical, project-based learning experience explained through hands-on examples.
▶What this book covers
- Chapter 1, Getting Started with a Cloud-Only Scenario, explains the main features and licensing information, including some basic cost calculations for such an approach. The challenging aspects with security and legal requirements will round off this chapter.
- Chapter 2 , Planning and Designing Cloud Identities, teaches everything you need in order to understand and design identities for a cloud-only architecture. Starting with understanding the user and group life cycles, you will learn how to design roles and administrative units for Role-Based Access Control.
- Chapter 3 , Planning and Designing Authentication and Application Access, teaches you how to design Azure AD as an identity provider and how to provide flexible and secure access to SaaS applications. Furthermore, you will learn about the rich authentication reporting functionality.
- Chapter 4 , Building and Configuring a Suitable Azure AD, explains how to configure a suitable Azure AD tenant based on the appropriate architecture. You will also learn how to configure and manage users, groups, roles, and administrative units to provide user- and group-based application and self-service access, including the audit functionality.
- Chapter 5 , Shifting to a Hybrid Scenario, explores all the necessary information for a transition process into a hybrid Identity and Access Management architecture with a single or multi-forest on-premise Active Directory environment. You will be able to describe the necessary architecture changes and relevant tasks to provide a successful solution shift.
- Chapter 6, Extending to a Basic Hybrid Environment, guides you through all the businessrelevant information to plan and make the right decisions for a hybrid approach. You will learn to adopt the correct features, licensing models, and security strategy for the typical legal requirements.
- Chapter 7, Designing the Hybrid Identity Management Architecture, teaches you how to take advantage of managing common identities with Microsoft Identity Manager 2016 and to build cloud identities with the Azure AD Connect utility. You will also explore all the various functions for Identities by building a solid hybrid Identity Management solution.
- Chapter 8, Planning the Authorization and Information Protection Options, explores the various functions for authorization and information protection for building a solid hybrid Access Management solution. Furthermore, you will get in touch with risk-based access control and the future functionality of Windows Server 2016.
- Chapter 9, Building Cloud from Common Identities, teaches you how to configure and manage the Identity Synchronization and Federation environment. You will also be able to include on-premise applications and Multi-Factor Authentication.
- Chapter 10, Implementing Access Control Mechanisms, teaches you how to configure accesscontrol mechanisms in the hybrid environment. You will configure Multi-Factor Authentication, Conditional Access, and Information Protection scenarios to apply the required security functionality.
- Chapter 11, Managing Transition Scenarios with Special Scenarios, guides you through the transition process and principles for moving to a cloud-only or multi-forest approach. Additionally, you will learn how to identify the right strategy to decide the correct direction of a coming project. Furthermore, an effective change-management process will be discussed in this chapter.
- Chapter 12, Advanced Considerations for Complex Scenarios, discusses complex and hybrid Identity and Access Management scenarios and teaches you all the necessary features and licensing models to go ahead. You will learn to understand the special business requirements and security and legal requirements in a complex hybrid infrastructure.
- Chapter 13, Delivering Multi-Forest Hybrid Architectures, teaches you the capabilities of directory synchronization and single-sign on over different Active Directory forests. You will also learn about Identity Management over company borders, such as in Business-to-Customer (B2C) and Business-to-Business (B2B) scenarios. Furthermore, you will learn how to enhance the management of identities, authentication, and authorization.
- Chapter 14, Installing and Configuring the Enhanced Identity Infrastructure, teaches you how configure and manage a Multi-Forest Synchronization and Single-Sign-On high available identity and access management environment based on AAD Connect and ADFS in order to provide the required infrastructure for several use cases in a hybrid identity and accessmanagement solution. You will also work with capabilities across company borders and publish the most common on-premise services.
- Chapter 15, Installing and Configuring Information Protection Features, shows you how to configure information protection features with Azure RMS to secure access to sensitive data in order to provide an extended access-management solution. You will configure and publish custom Rights Policy templates, use RMS logging, and get a first view of the new Azure Information Protection capabilities.
- Chapter 16, Choosing the Right Transition, Method, and Future Trends, is the final destination of our journey, where we will discuss additional information that will help you manage several cloud scenarios and support new initiatives. We will jump into some upcoming features and innovations of Microsoft.
