Windows Azure Active Directory

Windows Azure Active Directory: Control Access to Windows Azure

Download this episode

Download Video

Description

Another cartoon format video plus demos, which shows how you can use Windows Azure Active Directory to create a team of users who can login and access the Windows Azure infrastructure; how you can set up 2-factor authentication for those with serious responsibilities, how to set up Dir-Sync between your on-premises Active Directory and Windows Azure Active Directory and finally how to set up federation between your on-premises Active Directory and Windows Azure Active Directory - giving a way of allowing your developers to use their corporate credentials to access Windows Azure and handing control of the cloud back to your enterprise administration.

Have fun with it - this is seriously cool technology!

Planky...

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • mrpaulb

      I know it's only been 8 hours since video release, I logged into my azure account and cannot do anything that is shown in this video ! if I add AADS I get taken only to the old ACS management portal.

    • Planky

      Give it a try now  Wink

    • mrpaulb

      Still the same as before, my guess it's either.

      a) My azure account is not the same login as my Office 365  (is this a requirement ?) ... or

      b) New system is not live in all regions yet ?

      I'll check back another time.

      Thanks

      Paul

    • MikeKline

      Excellent job again, your cartoons are turning you into a star Smiley

      Thanks

       

      Mike

    • Planky

      Hi mrpaulb,

      On re-reading your opening post I can see that you tried to log in to Azure using a standard LiveID.

      To get those new AD features enabled in the portal, you need to log in to the Azure portal using your WAAD account. That means you need to CREATE THE WAAD TENANT FIRST. Go to 11:18 in the video and be sure to follow that initial step. Some steps are not shown in that part because it was recorded on a pre-production system. You need to associate a WAAD tenant with the Azure subscription of the admin of the tenant. Right now, that means creating a new trial subscription. In the spring that restriction will be lifted and you'll be able to associate an existing Azure subscription with your tenant.

      I've created a short video with all the steps here http://aka.ms/WAADsubscription... Hope this helps you.

       

      Thanks for your enthusiasm Mike.

    • mrpaulb

      All sorted makes complete sense once I understand this preview is a separate azure island.

      I've recently discovered the new O365 is 3 (possibly more) islands and can't have one organisation with a mix of users with different licenses, not a big deal once the detective work has been done to work these things out !

      I'm looking forward to the time when I can use one account to Manage Azure, O365, InTune & hopefully future preview features without the need to create more accounts.

      Even better if I could have one login to manage multiple companies for all Microsoft online services Smiley 

      Many thanks for pointing out exactly what I needed to make it work.

      Paul

    • mrpaulb

      Sorry me again !  Ignore the two last posts. The issue is the chair -> keyboard interface. (mostly)

      Missing the click on live id or organization account button before logging in. Well managing to not get asked this annoying but obviously important question first few attempts !

      I have it all working now using three different browsers so there is no conflicts.

      Paul

    • Planky

      Do you mean you had to try 3 different browsers to get the button to appear?

      Anyway I'm glad you have it all working now.

    • mrpaulb

      Sorry didn't explain three browsers.

      I use this live id for MVA and an Azure subscription. (one I tried and failed to use to look at new WAAD services). First account I setup.

      I have an organisation account for my live O365 service. (second account setup)

      I now have the new organisation account for Azure to look at WAAD. (I think I'm correct in this was currently the only way to see the preview).

      If you try an switch between these services without logging out of each one every time it's a complete pita, hence I now use 3 different browsers at the same time to save endless logout / login steps and or confusion.

      It would be great if I could login to my live O365 account and use for Azure live services and also Azure preview services. (or integrate with any other ms online service like InTune.) 

      I think I understand much of this is coming soon using WAAD.

      Paul

    • john

      Hi

      Below link would be useful for you to learn about Ground knowledge of active directory management
      Link:http://www.windows-active-directory.com/

    • CodeGrue

      What if you run DirSync and you already gave user accounts both on prem and in office 365/azure ad? Will it match them up? Does it also sync passwords?

    • Dean Flanders

      Hello Planky, We are extremely interested in doing a FIM POC with Azure AD. Can we get in touch with you ASAP to get some input? Thanks, Dean Flanders (www.fmi.ch)

    • Planky

      Hi mrpaulb.

      You are describing a feature of IE (since IE8 I think) where if you have ANY instance of IE open, it maintains the authentication cookie across all instances. You could alternatively open private tabs.

    • Planky
    • Planky

      Hi Dean,

      I can set you on the right track - email me a splank@microsoft.com. I just won't be able to get involved in detail - I'm in the UK. I can put you on to a partner who know this very well - UK based but they have international offices.. I don't know any swiss partners in this cloud/identity space...

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.