Welcome back. This is the first episode in a series of episodes talking about identity and azure active directory.
My objectives include understanding as your active directory and then going over some key terminology. Also, jump out to the azure portal and take a look at a quick demo.
So it is as your active directory. It's gonna be very similar to the active directory environment you might be used to in your on premises Data center. It is Microsoft's cloud based identity and access management service.
It hosts your user I. D s and passwords for Authentic Kitty to Resource is that your users need access to
those resources Could be internal, such as corporate applications or the Internet, where they could be external. Resource is such as office 3 65 azure or other SAS applications.
If you already have a subscription to another Microsoft service like Office 3 65 or Dynamics CR M online, you're already using azure Active directory. Each of these service is automatically comes with an azure 80 tenant Does the core and backbone of the service
as your A D requires licenses in order to use the service for signing
service is like office 3 65 automatically come with Azure 80 licenses to get access to the free features.
You can then enhance your azure 80 deployment by adding paid upgrades. The first of these is the Azure 80 p one license, which will provide additional features like dynamic groups or self service group management.
One tier above that is the azure 80 p to license, which includes additional features such as risk base, a conditional access or privileged identity management.
We'll be covering some of these concepts and later episodes.
The important thing to note is that there are several tiers of azure active directory, and additional capabilities can be added on through the purchase of additional licenses.
There are a couple of key terms I want to cover that we haven't discussed yet. The first is subscription. I've mentioned subscription quite a few times when deploying Resource is, but these are important as they are. How we pay for Azure Service's subscriptions are backed by a credit card and can be used to divide up who pays for the different resource is inside of azure.
The next is domains or custom domains.
When you first create an azure active directory tenant or an office 3 65 10 in a domain name is created for you. Based on your organization name For this course, we were given the name of cyber ery ese 300 outlook dot on Microsoft dot com, which ties back to the M s account were created in earlier episodes.
Every tenant will include the dot on Microsoft dot com domain name, but you can add on your own custom domain names to match what you're already using in your on premises environment. Finally, there's Global administrator account. This account has all the admin functions for Azure 80 and other service is
this is the account that was used when signing up for the service, but additional admin is can be added to the group later on. However, not everyone needs to be a global admin and have all that power. So there are additional roll based at men groups you can place other administrators in. We'll take a look at these more and later episodes
that does it for a couple of our key concepts. Let's jump out to our demo where we're gonna add a custom domain name to our tenant
here. We are back in our azure portal. If you notice under our favorites, we already have. Azure Actress directory Fair did. So let's go in and check out how to add a custom domain
under manage. We're going to go down to custom domains.
You see the default one here that we talked about inside of our slides. It is currently available, and it is our primary one. Let's go ahead and add a custom domain
and I have a domain here that I want to add. Called a Z 300 tech dot com.
Before this domain is added, we have to verify that we actually owned this Tomei. This prevents anyone from just adding any domain that they may not own to their azure 80 tenant. And what we get here is a couple options. First, we can create a text record using the values provided here by the portal, or we can use an MX record to verify our identity.
Let's go back to the text record,
and I'm gonna pause the video for a second to go create this record with my D. N s register where I registered that domain name
on the screen. You should be seen the D. N s record that I created.
Now, once this is created, it can take a little while to propagate Before you can verify your domain. Let's go ahead and try it real quick.
It was successful. So we now have this custom domain added to our azure active directory.
We go back, we can see that it is now verified.
And if we wanted to, we could select it
and go ahead and make it our primary domain name for our tenant.
There it is. It is now the primary for our azure 80 tenant
that does it for this demo. Let's jump back to the slides so we can wrap this up.
Coming up next, We're gonna discuss how we get our own premises Identities out into Azure A D by using Azure a D Connect. See you in the next episode.