Identity Synchronization Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
welcome submarines to the M s 3 65 Security Administration course
00:05
I'm your shorter Jim Daniels. And today we're going to start a model to identity and access lesson to identity synchronization.
00:15
Upon completion of the short lesson,
00:18
you will learn
00:19
synchronization of on premises out of directory with azure active directory and different provisioning options. Within M s 3. 65
00:28
as your active directory or as a lady
00:31
is the cloud based user identity authentication service, as used by office 3 65 as well as invest 3 65 as a whole to manage identities and authentication
00:43
as your A D is included with any office for 65 subscription
00:47
as your A D Premium one is also included in a possibility of security E three sweet lessons as well as an M s 3 65 e three sweet lessons
00:58
as your 80 premium plan to
01:00
that's included in the Enterprise inability of security E five sweet license.
01:06
And yes, it m s 3 65 e five sweet license
01:11
We hit on this earlier. We're going to expand on it now
01:15
The M s 3. 60 fall of authentication and provisioning options. I'm someone cloud. Only users are created and managed direct in Azure 80. This requires zero on premises infrastructure
01:29
you don't have to have at a directory already rolled out
01:32
in your internal network.
01:34
Zero directory services is required.
01:38
Dr. Resync with pastor authentication
01:41
uses were created and Manners one. Premises 80 and sink into Azure 80.
01:47
With this, you typically used as your A D connect.
01:51
And you can also have a hybrid
01:53
provisioning option toe, where you can create both
01:57
cloud only users, as well as users that will be synchronized
02:00
from on premises.
02:04
The third option is SSO with a DFS.
02:07
Users are created and managed one premises at a directory and sing to Azure 80.
02:14
In that model, a DFS provides all of the authentication services
02:19
so as your A D doesn't actually provide authentication services with this particular option,
02:24
directory Synchronisation is a synchronization of director identities or objects between two different directories.
02:31
We have application servers that utilize on premises. L dap.
02:36
We have a third party cloud servers that utilize as your A D for authentication. It is best practice to leverage your directory services for authentication whenever you can.
02:49
The azure at the directory connect all as Radi Connect is the officially recommended the Writer synchronization tool for M s Racist E five.
02:58
It has constantly updated features, and it actually recently has taken place
03:04
of even someone's of federation features that used to be available only on a DFS infrastructure is now starting to appear in ads. Radio Connect.
03:14
It's made up of three forced synchronization services,
03:16
optional
03:17
Federation services, peace and a monitoring piece.
03:22
Azure 80 requires a single source of authority for every object.
03:27
When you use as your 80 connect
03:30
your on premises at the directory. Is that source of authority?
03:34
Let's test your knowledge. Do you notice when you Poisson sso with a DFS?
03:39
Where does authentication take place?
03:43
Is to take place in as radi
03:46
in the authentication panel in Asir.
03:49
Is it take place in a DFS
03:52
or is authentication for losers?
03:55
If you chose de,
03:58
please go back to us and one model one
04:01
and start from there
04:03
because that's just still s is nonsense.
04:08
Give you a few more seconds to this is one of the more challenging ones.
04:13
It takes place in a DFS
04:15
again. Federation Services.
04:18
That's one of the issues in the past with using a DFS is you have that single point of failure.
04:26
One. Print your own Primedia. This.
04:28
Once we get in a more detailed A DFS, we'll see how this has been tackled over the last few years, and some of the additional federation options that you have that one
04:39
have that single point of failure present itself.
04:43
So in recap,
04:44
Azar 80 is a cloud based user identity and authentication service that's used
04:49
by office 3 65
04:51
and M s 3 65 to manners, identities and authentication
04:57
over. See for the next lesson,
04:59
take care.
Up Next
MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration (MS-500) training course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By