Published by Lee Benson. Modified over 8 years ago.
1
Gregor Šuster, Microsoft Azure Active Directory
2
Agenda
- What Azure Active Directory (AAD) is and what it is not
- Editions of the Azure Active Directory service
- Overview of selected AAD features
3
What is Azure Active Directory?
A solution (service) for defining identity in the cloud and managing it. It consists of a directory and advanced management of identity, security and application access, and it offers developers a standards-based platform for providing authorization and control.
4
What is Azure Active Directory NOT?
5
Why Azure Active Directory?
Diagram labels: Self-service; Single sign on; Username; Simple connection; Cloud; SaaS; Azure; Office 365; Public cloud; Other Directories; Windows Server Active Directory; On-premises; Microsoft Azure Active Directory
6
Why Azure Active Directory?
Diagram labels: Azure AD; Active Directory; AD FS; Active Directory Domain Services; Sync
7
The current reality…
8
Editions of the Azure Active Directory service
- Regardless of the edition, the underlying service is technologically the same
- The edition only determines which of the available features can be accessed
- Editions: AAD Free, AAD Basic, AAD Premium
9
Azure Active Directory editions + Office 365 IAM features
Columns: Azure AD Free, Azure AD Basic, Azure AD Premium, Office 365 IAM features

Common Features
- Directory as a Service: 500,000 Object Limit; No Object Limit; No Object limit for Office 365 user accounts
- User/Group Management (add/update/delete): Yes
- SSO to pre-integrated SaaS Applications/Custom Apps: 10 apps per user; No Limit; 10 apps per user
- User-Based access management/provisioning: Yes
- Self-Service Password Change for cloud users: Yes
- Identity Synchronization Tool (Windows Server AD integration, Multi Forest): Yes
- Security Reports: 3 Basic Reports; Advanced Security Reports; 3 Basic Reports
- Cloud App Discovery*: Yes (Basic); Yes (Advanced)**; Yes (Basic)

Premium + Basic Features
- Group-based access management/provisioning: Yes
- Self-Service Password Reset for cloud users: Yes
- Company Branding (Logon Pages/Access Panel customization): Yes
- SLA: Yes

Premium Features
- Identity Synchronization Tool advanced write-back capabilities* (FY15 Roadmap): Yes
- Self-Service Group Management: Yes
- Self-Service Password Reset/Change with on-premises write-back: Yes
- Advanced Usage Reporting: Yes
- Multi-Factor Authentication (Cloud and On-premises (MFA Server)): Yes; Limited Cloud only features for accessing Office 365
- Azure AD Application proxy*: Yes
- MIM CAL + MIM Server: Yes
- Administrative Delegation* (FY15 Roadmap): Yes
10
Azure Active Directory GA features

Your directory in the cloud
- Connect on-premises directories to Azure AD
- Azure AD Sync
- Multi-Forest Support
- Single Sign-on to thousands SaaS apps + LoB and Custom application support
- Application Proxy
- Enterprise SLA of 99.9 percent

Empower users
- Self-service password change
- Self-Service password reset
- Delegated group management
- Self-Service security settings management
- Single Sign-On to on-premises applications from the Access Panel (Azure AD Application Proxy)

Centrally managed identities and access
- Group-based user assignment to SaaS apps
- Group-based provisioning
- Company branding
- Password writeback

Monitor and protect access to applications
- Advanced Security reporting and analytics
- Application usage reports
- Alerting/Notifications
- Multi-factor authentication
12
Group management
13
Password Reset
14
Multi-factor Authentication: linking identities with MFA
15
Access to SaaS applications
16
Some SaaS applications
18
Application Proxy (Preview)
19
Required outbound traffic: Azure Application Proxy

Port Number | Description
443 | To enable user authentication against Azure AD (required only for the Connector registration process)
9352, 5671, 20200 – 20210 | To enable communication between the Connector toward the Azure service for incoming requests.
9350 | Optional. To enable better performance for incoming requests.
10100 - 10120 | To enable LOB HTTP responses sent back to the proxy
8080 | To enable the Connector bootstrap sequence and to enable Connector automatic update
9090 | To enable Connector registration (required only for the Connector registration process)
9091 | To enable Connector trust certificate automatic renewal
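An added example, not part of the original presentation: a small audit that compares an outbound allowlist on the Connector host with the port table above, reporting required ports that are blocked and allowed ports the table does not call for. The allowlist string, the function names and the `registered` switch are assumptions made for illustration; only port numbers are modelled, not protocols or destinations.

```python
import re

# Port table transcribed from the slide above:
# (port spec, purpose, needed only during registration, optional)
CONNECTOR_PORTS = [
    ("443", "user authentication against Azure AD", True, False),
    ("9352, 5671, 20200 – 20210", "Connector to Azure service for incoming requests", False, False),
    ("9350", "better performance for incoming requests", False, True),
    ("10100 - 10120", "LOB HTTP responses sent back to the proxy", False, False),
    ("8080", "Connector bootstrap sequence and automatic update", False, False),
    ("9090", "Connector registration", True, False),
    ("9091", "Connector trust certificate automatic renewal", False, False),
]

# Constructed sample: outbound ports a hypothetical firewall policy allows.
SAMPLE_ALLOWLIST = "443, 5671, 9090-9091, 9352, 10100-10120, 20200-20205, 3389"

def parse_ports(spec):
    """Expand a spec such as '9352, 5671, 20200 – 20210' into a set of ports."""
    ports = set()
    for part in spec.split(","):
        nums = [int(n) for n in re.findall(r"\d+", part)]
        if len(nums) == 1:
            ports.add(nums[0])
        elif len(nums) == 2 and nums[0] <= nums[1]:
            ports.update(range(nums[0], nums[1] + 1))
        else:
            raise ValueError(f"unparseable port spec: {part!r}")
    return ports

def audit_egress(allowed_spec, registered=False):
    """Return (missing, excess) for an outbound allowlist.

    missing: purpose -> required ports the allowlist blocks (optional rows skipped).
    excess:  allowed ports that no row of the table needs. With registered=True,
             registration-only rows are dropped, so their ports count as excess.
    """
    allowed = parse_ports(allowed_spec)
    needed_all, missing = set(), {}
    for spec, purpose, reg_only, optional in CONNECTOR_PORTS:
        if reg_only and registered:
            continue
        needed = parse_ports(spec)
        needed_all |= needed
        blocked = sorted(needed - allowed)
        if blocked and not optional:
            missing[purpose] = blocked
    return missing, sorted(allowed - needed_all)

if __name__ == "__main__":
    print(audit_egress(SAMPLE_ALLOWLIST))
    print(audit_egress(SAMPLE_ALLOWLIST, registered=True))
```

Running the audit again with `registered=True` shows which rules were needed only for Connector registration and can be reviewed for removal afterwards.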
20
Publishing an application
21
Diagram labels: Perimeter Network; Private Network; Connector; Application
22
Future features…

The following features are currently in public preview and will be added soon:
- Administrative units: a new Azure Active Directory container of resources that can be used for delegating administrative permissions over subsets of users and applying policies to a subset of users.
- Add your own SaaS applications to Azure Active Directory.
- Azure Active Directory Connect Health: monitor the health of your on-premises Active Directory infrastructure and get usage analytics.
- Password rollover for Facebook, Twitter, and LinkedIn. For more information, read this article.
- Dynamic group membership. For more information, see this article.
- Conditional Access: Multifactor Authentication per application.
- HR application integration: Workday
- Privileged Identity Management: Privileged identity management provides improved oversight to help meet service level agreements and regulatory compliance requirements.
- Self-service application requests: Administrators can provide a list of SaaS apps from which users can choose the ones they want to use, and the apps will be available either immediately or after approval.
- Azure reporting API: data for every security report of Azure Active Directory will be available to other monitoring or SIEM tools.

Source: https://msdn.microsoft.com/en-us/library/azure/dn532272.aspx