Scribd
Upload
14 views22 pages

Manage Microsoft Entra ID Identities

Uploaded by

Ala'a Alkhateeb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
14 views22 pages

Manage Microsoft Entra ID Identities

Uploaded by

Ala'a Alkhateeb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

AZ-104T00A

Administer Identity

© Copyright Microsoft Corporation. All rights reserved.


© Copyright Microsoft Corporation. All rights reserved.
Learning Objectives
• Understand Microsoft Entra ID

• Create, configure, and manage identities

• Lab 01 - Manage Microsoft Entra ID Identities

© Copyright Microsoft Corporation. All rights reserved.


Understand Microsoft Entra ID

© Copyright Microsoft Corporation. All rights reserved.


Learning Objectives – Understand Microsoft Entra ID

• Examine Microsoft Entra ID


Manage Azure identities and governance
• Describe Microsoft Entra ID Concepts
(20–25%): Manage Microsoft Entra ID users
• Compare Microsoft Entra ID to Active and groups
Directory Domain Services • Manage licenses in Microsoft Entra ID
• Compare Microsoft Entra ID P1 and P2 plans • Configure self-service password reset
• Implement Self-Service Password Reset (SSPR)
• Learning Recap

© Copyright Microsoft Corporation. All rights reserved.


Examine Microsoft Entra ID

• Configure access to applications, including single sign-on


• Manage and provision users and groups
• Providing an identity management solution, including federation
• Implement security features like multi-factor authentication and conditional access

© Copyright Microsoft Corporation. All rights reserved.


Describe Microsoft Entra ID Concepts
Concept Description

Identity An object that can be authenticated

Account An identity that has data associated with it

Microsoft Entra ID
An identity created through Microsoft Entra ID or another Microsoft cloud service
account

A dedicated and trusted instance. A tenant is automatically created when your organization signs
up for a Microsoft cloud service subscription​.

Tenant/directory • Additional instances can be created


• Microsoft Entra ID is the underlying product providing the identity service
• The term Tenant means a single instance representing a single organization
• The terms Tenant and Directory are often used interchangeably

Azure subscription Used to pay for Azure cloud services

© Copyright Microsoft Corporation. All rights reserved.


Compare Microsoft Entra ID to Active Directory Domain Services
Microsoft Entra ID is primarily an identity solution

Queried using the REST API over HTTP and HTTPS

Uses HTTP and HTTPS protocols such as SAML, WS-Federation, and OpenID Connect for
authentication (and OAuth for authorization)

Includes federation services, and many third-party services (such as Facebook)

Microsoft Entra ID users and groups are created in a flat structure, and there are no
Organizational Units (OUs) or Group Policy Objects (GPOs)

© Copyright Microsoft Corporation. All rights reserved.


Compare Microsoft Entra ID plans
Microsoft ID Microsoft Microsoft
Feature Free
P1 ID P2 Entra Suite
Single Sign-On (unlimited)   
Cloud and Federated authentication   
Advanced group management  
Self-service account management portal   
Multifactor authentication (MFA)   
Conditional access  
Risk-based Conditional Access (sign-in risk, user risk) 
Automated user and group provisioning to apps   
Privileged identity management (PIM)  
Advanced identity governance 

© Copyright Microsoft Corporation. All rights reserved.


What is self-service password reset in Microsoft Entra ID?

1. Determine who can use self-service


password reset

2. Choose the number of authentication


methods required and the methods
available (email, phone, questions)

3. You can require users to register for SSPR


(same process as MFA)

© Copyright Microsoft Corporation. All rights reserved.


Learning Recap – Understand Microsoft Entra ID

Reference modules
• Understand Microsoft Entra ID
• Allow users to reset their password with self-service
Check your password reset
knowledge • Implement and manage hybrid identity
questions and
additional
study

© Copyright Microsoft Corporation. All rights reserved.


Create, configure, and
manage identities

© Copyright Microsoft Corporation. All rights reserved.


Learning Objectives - User and Group Accounts

Manage Azure identities and governance


• Create User Accounts (20–25%): Manage Microsoft Entra ID
• Manage User Accounts users and groups
• Create Group Accounts • Create users and groups
• Manage user and group properties
• Assign Licenses to Users and Groups
• Manage external users
(extra topic)
• Manage licenses in Microsoft Entra ID
• Demonstration – Users and Groups
• Summary and Resources

© Copyright Microsoft Corporation. All rights reserved.


Create User Accounts

All users must The account is used for Each user account has additional
have an account authentication and authorization properties

© Copyright Microsoft Corporation. All rights reserved.


Manage User Accounts

Must be Global
User profile Deleted users Sign in and audit
Administrator or User
(picture, job, contact can be restored log information
Administrator to
info) is optional for 30 days is available
manage users

© Copyright Microsoft Corporation. All rights reserved.


Create Group Accounts

Group Types Membership Types


• Security groups • Assigned
• Microsoft 365 groups • Dynamic User
• Dynamic Device (Security groups only)

© Copyright Microsoft Corporation. All rights reserved.


Assign Licenses to Users and Groups

Azure is a cloud service that provides many built-in services for


free.
View license plans and
• Microsoft Entra ID comes as a free service plan details
• Gain additional functionality with a P1 or P2 license Set the Usage Location
parameter
Assign licenses to users
Additional Services (like O365 are paid cloud services) and groups
• Microsoft paid cloud services require licenses Change license plans for
• Licenses are assigned to those who need access to the users and groups
services Remove a license
• Each user or group requires a separate paid license
• Administrators use the Microsoft 365 Admin portal and
Microsoft Graph PowerShell cmdlets to manage licenses

© Copyright Microsoft Corporation. All rights reserved.


Demonstration – Users and Groups

• Review license and domain information


• Explore user accounts
• Explore group accounts

© Copyright Microsoft Corporation. All rights reserved.


Learning Recap – Create, configure, and manage identities

Reference modules
• Create, configure, and manage identities
• Manage users and groups in Microsoft Entra ID
Check your
knowledge
questions and
additional
study

© Copyright Microsoft Corporation. All rights reserved.


Lab – Manage Entra ID Identities

© Copyright Microsoft Corporation. All rights reserved.


Lab 01 – Manage Microsoft Entra ID Identities

Job Skills
In this lab, you learn about users Task 1: Create and configure user accounts.
and groups.
Task 2: Create groups and add members.
Users and groups are the basic
building blocks for an identity
solution.
You create a new user and invite
a guest user.
You also create a group and add
a member and owner.

Next slide for an architecture diagram


© Copyright Microsoft Corporation. All rights reserved.
Lab 01 – Manage Entra ID Identities (architecture diagram)

Task 1
User1 Invited guest
IT Lab Administrator IT Lab Administrator

Task 2
IT Lab
Administrators

© Copyright Microsoft Corporation. All rights reserved.


End of presentation

© Copyright Microsoft Corporation. All rights reserved.

You might also like