Azure Active Directory (Azure AD)
- An identity and access management service that helps you access internal and external resources.
- Azure AD licenses: Free, Premium P1, Premium P2 and Pay as you go
- Free – user and group management in your on-premises directory
- Premium P1 – allows access to both on-premises and cloud resources.
- Premium P2 – provides an additional feature called Azure AD Identity Protection.
- Pay as you go – offers a feature called Azure AD B2C.
- You can use Azure AD Authentication for a self-service password reset, MFA, custom banned password list, and smart lockout.
- Allows you to manage external identities using Azure AD B2B.
- Azure AD B2C is a business-to-customer identity as a service that allows you to control how your users sign up, sign in, and manage their profiles when using your applications.
- Azure AD B2C provides you control on how your users sign up, sign in, and manage their profiles when using your applications.
- You can manage the access in your cloud apps with conditional access.
- With Azure AD Device Management, it allows you to manage and configure device identities.
- If you need to manage domain services such as domain join, group policy, and authentication, you can use Azure AD Domain Services.
- Identity Governance ensures that only the authorized people have the right access to specific resources.
- Supports hybrid identity to access resources in the cloud or on-premises.
- Monitor the security and usage patterns of your environment with Azure AD reports and monitoring.
- With Azure AD Connect Health, you can view alerts, monitor performance and check usage analytics of your on-premises Active Directory and Azure AD.
- Detect potential vulnerabilities and resolve suspicious actions with identity protection.
- Azure AD PIM helps you control the access within your organization.
- You can use security defaults to enable MFA in your organization.
- Enabling security defaults protects you from common identity-related attacks.
- You use block legacy authentication if a user is using a legacy application.
- Identity secure score helps you verify your configurations if it’s aligned with Microsoft’s best practice for security.
- You can lockout intruders that try to guess your users’ passwords or use brute-force methods in Azure AD using smart lockout.
- Manage, control, and monitor access to significant resources in your organization with Privileged Identity Management (PIM).
Authentication Fundamentals: The Basics
Learn more about Azure Active Directory in this playlist from the Microsoft Azure YouTube channel: