Ready to sell solutions on Azure to your customers? Find out where to start with our free whitepaper
Join our Modern Workplace Webinar series on the first Monday of every month beginning Monday 3 December
Discover the key features and benefits of Microsoft 365, for your customers and and you as a partner, in our free whitepaper.
Although you could probably write several large tomes about cloud identity – about using, managing, and extending it – I try to keep my blogs short and sweet, aiming to demystify an Azure service and hopefully inspiring you to find out more.
I’ve previously written a series of blogs around storage, including talking about a real-life use case. So, I want to do the same, looking at identity in the Microsoft cloud.
Consider the case of Wingtip Toys (real company name obviously kept secret). They have a large internal development team that develop applications for use by the company. These applications are consumed by users from within the business, by external business partners – both large and small – and by individual contractors, and totalling over 3,000 users.
Currently authentication and authorization is done using Wingtip Toy's internal Active Directory Domain Services (ADDS.) All users, whether internal or external, exist as user objects within this directory.
This model has worked well for Wingtip Toys in the past. However, this is now presenting challenges and is restricting Wingtip’s ability to make new features available through their applications.
Wingtip Toys spends a large amount of time provisioning new users, managing password resets and disabling old user accounts. They want to be able to give users the ability to either use an existing identity, whether that's GMAIL or OUTLOOK, for example, but most importantly corporate identities when using their applications.
They also want to be able provide the ability for automated signup and self-service password reset to users.
When signing up new partners, Wingtip Toys has to ensure that they adhere to the partners’ security standards for password rollover, lifetime, complexity, etc.
Finally, the company wants to ensure that any identity model can be embraced in such a manner that it provides little to no impact on existing users when migrating to a new identity solution.
These challenges are very common in some form or another when working with Identity.
But, Azure Active Directory (AD) can solve all these challenges, and in a series of blogs I will talk about how it’s done.
So, to finish this blog, a quick intro on Azure AD:
Azure Active Directory is Microsoft's multi-tenant, cloud-based identity management service. It blurs the lines between PaaS and SaaS – you could almost say it is Identity-as-a-Service. It underpins all of the Microsoft cloud, from Azure to 365, and contains a suite of capabilities – such as, multi-factor, self-service password resets, role-based access control, monitoring and advanced security.
If you already use Office 365, then you are already using Azure Active Directory. Exchange Online is an application of Azure AD, and utilities it to authorise and authenticate users, and then programmatically accesses it for information such as group membership.
It’s important to realise that, despite the name, Azure AD is not Active Directory Domain Services, although, you can synchronise on-premises identity to Azure AD. Synchronisation will be the first tool we use to solve the challenges that Wingtip faces. From there we will look at registering applications, integration with web applications and B2B. So, check back soon for the next blog – and you can find out more about Azure AD on the Microsoft website, or call the Vuzion Team on 0333 009 5939, or email firstname.lastname@example.org.
Applications & Infrastructure
Data & AI
18 Reasons why Microsoft Azure will always beat AWS
Microsoft Teams: Enabling Intelligent Communications (2nd Edition)
Definitive Guide to Office 365 (3rd Edition)
Vuzion Identity & Access Management
20 Questions to ask a CSP Indirect Provider
RM Education and Microsoft Azure
Care Computers & Microsoft 365
Nuvem Logic & Microsoft 365
Valto, Office 365 & CSP