OVERVIEW OF AZURE ACTIVE DIRECTORY (AZURE AD) – PART 2


In the previous article, we covered the basics of Azure AD and its different editions.

Overview of Azure Active Directory (Azure AD) – Part 1

In this article, we see how to sync on-premises identities to Azure AD and how to enable the different models based on the requirements.

Many large organizations already have a well-defined on-premises Windows Server Active Directory Domain Services setup, and most online customers worry about how to trust cloud-based solutions and sync the entire AD infrastructure in a secure way. They also run into compliance issues around password sync.

Microsoft provides different types of directory sync models, and you can configure them depending on your organization's requirements. Each model has merits and demerits.

Azure Identity Models:

Cloud Based Identity Model:

In this model, user accounts are created in the cloud Azure AD and managed in the cloud itself. There is no link to the users' on-premises accounts.

Pros:

1. If there are network issues between on-premises and the cloud, there is no major impact on the cloud services.

2. No additional setup is required other than creating the user accounts in the cloud.

Cons:

1. Users need to keep both their on-premises and cloud identity details. This leaves users confused about which one is for mail access and which one is for the mailbox access.

2. Troubleshooting becomes more complicated, because when an issue occurs you first have to check where the issue is.

3. Administrators need to keep two different password reset portals and options for the users. Maintaining two different identity models causes more conflict when a security incident happens and usage has to be tracked.

Synchronized identity:

In this model, we sync all the user accounts along with their respective password hashes (only) by using Azure AD Connect.

Pros:

1. Users use the same accounts and passwords for both on-premises and cloud applications.

2. Only the password hashes are synced, hence there are no breaches of the security policies.

Cons:

1. User accounts are synced with password hashes. Many organizations do not want to sync passwords to the cloud, which raises the question of what happens if the cloud suffers a password attack, as it is a shared geo model.

2. The additional Azure AD Connect application has to be installed on an on-premises server to sync the users and groups to the cloud.
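To see which of the two models each account in a tenant actually follows, the script below classifies users from a directory export and lists people who hold both a cloud account and a synchronized account (the double-identity problem from the cloud model's cons). It is an added example, not code from the original article or from Microsoft; it assumes a JSON user export carrying the Microsoft Graph `onPremisesSyncEnabled` property, uses constructed sample accounts, and matches accounts by UPN prefix as a stated heuristic.

```python
import json
from collections import defaultdict

# Constructed sample data in the shape of a Microsoft Graph user export
# (GET /users?$select=userPrincipalName,onPremisesSyncEnabled). The tenant
# and user names are made up for this example.
SAMPLE_EXPORT = """[
  {"userPrincipalName": "alice@contoso.example", "onPremisesSyncEnabled": true},
  {"userPrincipalName": "alice@contoso.onmicrosoft.example", "onPremisesSyncEnabled": null},
  {"userPrincipalName": "bob@contoso.example", "onPremisesSyncEnabled": true},
  {"userPrincipalName": "svc-backup@contoso.onmicrosoft.example", "onPremisesSyncEnabled": null}
]"""


def identity_model(user):
    """Return which model from the article manages this account."""
    # Graph sets onPremisesSyncEnabled to true only while the object is being
    # synced from on-premises AD; null or false means it is managed in the cloud.
    return "synchronized" if user.get("onPremisesSyncEnabled") is True else "cloud"


def inventory(users):
    """Group user principal names by identity model."""
    groups = defaultdict(list)
    for user in users:
        groups[identity_model(user)].append(user["userPrincipalName"].lower())
    return {model: sorted(upns) for model, upns in groups.items()}


def split_identities(users):
    """Find people who hold both a cloud account and a synchronized account.

    Assumption of this example: two accounts belong to the same person when
    the part of the UPN before '@' matches. Adjust to your naming scheme.
    """
    by_person = defaultdict(lambda: defaultdict(list))
    for user in users:
        upn = user["userPrincipalName"].lower()
        by_person[upn.split("@", 1)[0]][identity_model(user)].append(upn)
    return {
        person: {model: sorted(upns) for model, upns in models.items()}
        for person, models in sorted(by_person.items())
        if len(models) > 1
    }


if __name__ == "__main__":
    users = json.loads(SAMPLE_EXPORT)
    print(json.dumps(inventory(users), indent=2))
    print(json.dumps(split_identities(users), indent=2))
```

Accounts reported by `split_identities` have two passwords and two reset paths, so they are the ones to review first when tracking usage during an incident.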

Please refer to the Azure AD Connect installation documents below. Azure AD Connect can be installed using two different options

2018-04-27T13:16:02+00:00 July 31st, 2012 | Categories: Creative, Videos

About the Author:

Avijit Dutta is a Principal Consultant on Microsoft Windows Server and Messaging. He has 15+ years of industry experience, with vast experience in various technologies such as Microsoft Windows Servers, Exchange Servers, Office 365, Azure, Skype for Business, Active Directory, PowerShell, Hyper-V, etc.
