Time
14 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
15

Video Transcription

00:00
Hello, Siberians. Welcome to Lesson 1.12 Off the one off Discuss titled Is that Reserve? One? Microsoft Azure Architect design.
00:11
So here's what are recovering in this demo,
00:14
I'll be showing you our to configure guest user access to enterprise applications. In essence, a joy D B to B.
00:22
That's what my environment looks like
00:24
on the left. Outside, I have the super clouds that X y Z as as your lady tenant,
00:30
and I have my job description that uses that Tennant assessed identity provided
00:36
it can also had, or the applications like Box and our Sales Force
00:40
two that I drew a deterrent Now on the right. Inside, there was another organization we dear one as your A D tenants called. Very cloudy that X y Z.
00:49
Now the thinking here is uses in very cloudy that X Y Z needs to be able to access applications that trust the super cloud of X Y Z tenants. Provide and creating Separate is that comes for them. Want to invite users from the organization to be ableto access applications within the Super Clouds organization?
01:08
So that's what I'll be showing you out. Invites the user's on how to give them access.
01:15
Two.
01:17
An application like the Azure subscription. So let's go ahead and do this.
01:21
To start with. What I would do is in the azure Pato out click on as active directory
01:27
and when I get to attractive director, if I click on the users
01:30
so I can see a list off all the users that I have. But the ones that are called cloud identities that were created in a jury 80 on synchronized identities that originated from on premises but was synchronized is in the azure lady connects to.
01:48
So what? I can do this on a very top here. You can see the option for new guests cheese, But before I do that, let me show you some other options.
01:56
If I go back on the super clouds,
01:59
if I click on the user settings,
02:02
you have the option. Here waits his ex now users that you can use to manage external collaboration settings
02:09
on if I click on that option. So this is where you can sort off control how you can collaborate with other organizations. So, for example, you can say guess user's permission is limited,
02:22
which is by the 40 years, admits and users in the guest invited Bo can invite. So you can say that a yes or no. So when you give people this role now, Mr can invite guests you does from order as your lady tenant or maybe even Google organization, or even just outlook. That's comma Jimmy or that come.
02:39
You also have the option to say allow invitations to be sense to any demand. Or you can sort of have, like a white Liza blacklist approach where you can say, deny invitation to the specified domains but allow invitations for any other domains. Or, you can say allow invitations only to disperse. If I domains and
02:59
deny all of the demands. That's where you configure the organization settings for that.
03:04
If I quiet and click on uses,
03:07
I have the option to give this power to use us within my organization. So maybe I create a group that I make the user's the owner off that group on guy, give the group access to applications are content within my organization
03:23
on Dhe. Then they can invite external users to be members of that group. In this case, I would just klick a new guest user.
03:32
Ah, now click on invitees. Now the user's name is John Fast.
03:37
So if I guide and type John Frost on John first email addresses John
03:43
at very cloudy that X y Z,
03:47
and are putting gents details there.
03:52
First
03:53
personal message.
03:57
John,
04:00
this is for your access to,
04:04
uh, super plants.
04:08
Oh, well, the projects
04:12
the were working on
04:15
she gave them excellent. So if I do that, if I want that so I could add turn to sit in groups. So So let's say I have set includes which I have in this case have created groups for like external boxes, says or external seals was access. I can have John to remembers off those groups there.
04:34
In this case, I'll just quiet and just make John the user
04:39
on dhe. Allow signing and set a usage location for Trunk,
04:44
which face a United Kingdom. Also,
04:47
Andre Guide and Click invites.
04:51
So that sent an invitation email to John. So if I go over to John's account over here
04:59
and here we go on the Microsoft invitation under makes off invitations email. If I click and that's
05:05
it says you've been invited to access applications in the Super Clouds organization.
05:11
So John can go ahead and click on Get Started.
05:17
That's gonna go ahead and accept that
05:23
that my organization can
05:25
reads some some basic profile information for John.
05:32
And here we go. So, John, it's now being had it to super clouds organization. So if I go back on the Super Cloud, if I go to
05:42
let's refresh this
05:45
on, let's such for Trump.
05:48
And you can see we have John first with the guests Visa, which from the source. So why can Nowadays I can go to my azure subscription? So let's say in this case, John needs to collaborate with sudden developers in my organization, and I've created an azure subscription for them that they can use
06:06
on John. Need access to that description. So if I got the subscriptions, I can select that option. I can go on their identity and access under our identity and access management. I can add a new assignment
06:21
on dhe Selective also, let's say the contributor wrote to this description
06:30
on DDE. What do I want to give their go to if I said for drum guess, user and they can save that.
06:38
So, in essence, what I've now done if I go on general assignment is I've made John a contributor to this description,
06:45
and that is great, because what John can now do is the John should be able to access, decides your subscription on be able to collaborate with other developers within my organization.
06:55
If I come back to John's Environment here,
06:58
I bring up a new top. And if I go to porto dot as they come
07:08
and John is currently still collected, very clouded up X y Z.
07:12
But what junk and also dough should be able to do? It's junk can click on that option to change the victories on John Can Switch Over to Super Cloud that X Y Z
07:24
and when Jones, which is a rather SuperClubs stop X y Z.
07:28
If John goes on the subscriptions, he considered John as access to that same prescription, Heidi. So that is into its 98 290
07:36
If I go on the Super Clouds, if I go under the subscription,
07:42
you know that the subscription idea into its night to night zero. So
07:46
that's it for this demo. Let's go back to the slates to review what we've done
07:51
Here's a summary of what we covered in this lesson.
07:55
So in this demo, we covered out to configure guest user access to enterprise applications. I hope you found this video in for Meitiv and I'll see you in the next lesson in this class.

Up Next

AZ-301 Microsoft Azure Architect Design

This AZ-301 training covers the skills that are measured in the Microsoft Azure Architect Design certification exam. Learn strategies to plan for the exam, target your areas of study, and gain hands-on experience to prepare for the real world.

Instructed By

Instructor Profile Image
David Okeyode
Cloud Security Architect
Instructor