Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-533 Training | Edureka

hello guys i am vishal and i welcome you all to this session by dear Rekha today I’m going to give you an overview of yet another Microsoft Azure concept and today’s topic of discussion is Azure Active Directory but before we do go ahead and understand what an Active Directory exactly is let’s start by taking a look at today’s as in the first so what do we have here first and foremost we would be starting things off by understanding what an Azure Active Directory exactly is and why it is needed we would also understand what is the difference between Azure Active Directory and Windows Active Directory should also understand what are the different audiences this Active Directory caters and discuss what are its different editions I would also talk about what are Azure Active Directory tenants finally I would finish things off with the demo part now when we talk about the demo I would be talking about how do you go ahead and create users and how do you go ahead and create an Active Directory how to also be discussing quite a few other terms as well but that is for the later part let’s start by understanding what an Azure Active Directory exactly is let us start by taking a look at the definition first now if I talk about the definition this is what we have it is Microsoft’s multi-tenant cloud base directory an identity management service that combines core directory services application access management and identity protection into a single solution now there’s so many terms in it and so many things to understand let me simplify this definition so that you understand it in a much better way to do that I would be giving you an example think of it in this way suppose I am a cloud vendor or not a cloud vendor I am a service vendor and I reside on a cloud that means I have a particular application that runs on cloud now this service is used by quite a few customers plus there are quite a few organizations that I have to interact with now in this case all these medias or customers and organizations they have to communicate with me so how do they do it well what they would do is they would go ahead and create an account or maybe have some user IDs through which they can actually communicate with me now this is ok if the number is countable or manageable suppose there was a situation where we had a number of people and the number of people was constantly increasing suppose I have some around thousand two thousand people now these many logins and these many credentials managing all these can be a huge problem let me give you an example how does this happen exactly or what problems do you face normally suppose I have ten organizations now to login to all this or give access to all these ten organizations can be a used problem why all these organizations might have different kind of accesses based on that I have to set in different security protocols as well if certain organizations have an easier protocol what if they get an access to other organizations as well or to the data that other organizations have to correspond to in that case it can be a huge problem apart from that I might have n number of customers and keeping track of so many customers can again be a problem when you talk about creating credentials so all this is a huge problem so what happened was Microsoft Azure it went out and created something called as Azure Active Directory it is nothing but something that acts as a middleware it takes care of all the signings and all these things how now the users will have a single sign-on process that means they would sign in only once plus they can have access to the applications that are there which I provide them now this intermediary that is your Active Directory what it does is it federates all the responsibilities or taking care of access and all those things that is the way I set all the rules it just incorporates those rules and accordingly it use access to all the users thus simplifying all the complexities that I would face otherwise so this is what an Active Directory exactly is it basically goes out and simplifies all the signing in and user authentication processes or identification processes rather now as we move further we would be discussing quite a few other terms and you’d be having a clearer picture as to what I am saying exactly but meanwhile you just bear with me and let’s move further and try to understand what are the other points that we need to talk about okay a side did miss out on this point what microsoft azure does is it also gives you something called as a better platform where developers can develop the applications with lot more ease again as we move further we’ll be understanding this point as well so what is the exact difference between Windows ad and Azure ad let’s try to understand that as well and when you talk about Windows ad that is active directory these are the layers it has to take care of you have something called as your domain services you have your lightweight directories you have your Federation services certificate services and rights management services as well now these are so many things to take care of when you talk about your Active Directory with Microsoft Azure it combines all these layers into two firstly you have your Windows Azure Active Directory now it is something that takes care of all the services that surround or revolve around identity problems that is when you talk about identification management this is the part that takes care of it that is your

w.a ad and then we have the other part where you have to actually go ahead and communicate with other organizations I give you an example of 10 different organizations needing 10 different things that is federating all these organizations your Windows Azure access control services it takes care of all those things so both these so-called active directories the more or less serve similar purposes but the approach in which they do is is completely different your Active Directory has more layered approach where every service is given a different layer or different way of handling it but when you talk about your Microsoft Azure Active Directory it simplifies things your first layer takes care of most of the things and the remaining things are something that is taken care by your Windows as your access control service also when you talk about Active Directory it uses something called as LDAP for various of the communications but when you talk about your Azure Active Directory here you use something called as your rest APs again the approach is completely different so what are the audience’s that are catered by this directory well first and foremost we have IT admins now when I talk about IT admins what Microsoft Azure Active Directory does is it provides in single sign-on for various applications now there quite a few SAS applications that is software as a service applications and various unpromising occasions to which you have a single sign-on you do not have to log in every now and then now I’ve worked on quite a few applications and places where you have to log in every now and then you have a lot of trouble because you have to remember so many passwords and so many logins and these different credentials can be a problem now this is something your Microsoft Azure takes care of single sign-on is very convenient apart from that it ensures strong identification and there quite a few processes that ensure this now I wouldn’t be discussing those points in detail but yes when you talk about identification microsoft azure ensures that it happens in a very good manner plus it automates quite a few processes again easing up this process apart from that it also caters quite a few developers as well now I’m talking about quite a few organizations and since sign-on becomes easier here your application developers can focus on building applications and since they have access to so many organizations and so many resources application development definitely becomes easier online customers now people who have been working for quite a while they might know that we have things like office 365 or you have your CRM services as well now you had an access to all these things by using your Windows Active Directory but your Microsoft Azure Active Directory also used access to all these services that means if you are using or have account on any one of these things you can have access to all these services or have access to all the Active Directory services that Azure has to provide to you so what this does is it caters the needs of various online customers as well so let us try to understand the next point that is Azure Active Directory editions for that what I’m going to do is I’m going to go ahead and switch into the Microsoft’s web page basically or I’m going to switch into my browser and move to their website and talk about all these points so instead what I would do is I would first discuss the last point and before we do go ahead and take a look at the demo then we would just go ahead and talk about these points as well so that we can directly switch into the demo part so let’s move further and try to understand the next point and then come back to this point so what our tenants basically now when you talk about a tenant it is nothing but an organization I just mentioned that we have tens of organizations that a particular application might cater now all these organizations are treated as tenants all these tenants can have access to a particular Active Directory or more than one Active Directory as we move into the demo part I would be talking about how to create multiple directories as well yes we can have more than one Active Directory we’ll discuss this as we move into the demo part but before that you just understand these points as in what I’m trying to say exactly yes what happens here exactly is when you talk about a tenant first and foremost it is nothing but an organization and it is a dedicated instance of your Azure Active Directory service plus these are isolated instances that means as I mentioned we have ten organizations or five organizations you’d be having isolated instances for each of these organizations ensuring that they stay aloof and their services and their protocols are maintained differently this is where your Azure Active Directory steps in it takes care of all these things it ensures that nothing is ambiguous or nothing is intermixed everything stays separate plus each and every platform or organization gets serviced equally well as you move further will be creating users and then I would give you the differences as in what a tenant is how do you go ahead and create all the domains and all those things so again into the demo part you’d be understanding these topics with little more clarity or more understanding rhythm this is the demo part but before that as I’ve already mentioned let me quickly switch to the website of Microsoft Azure and I would be

discussing the additions that you can choose from and then we can directly jump into the demo part okay guys so this is a Microsoft dog basically which talks about choosing an addition so these are the options you have we would be finishing this quickly and then we would be switching into the demo part so let’s understand this now what Microsoft Azure does is it gives you various options first and foremost you have three options to pick from and out of these three options the first one is your basic option that is your Active Directory basic then you have your premium which is p1 and then you have one more premium which is p2 all these things provide you with different options that you have first and foremost your main job is to have your access that is your identity management your security and your single sign-on and all those things now these are some of the services that come with your basic account as well and also with your free account what microsoft azure does is for people who are completely new to this session and Microsoft Azure let me tell you that you have a free sign into Microsoft account that means you can go ahead and create your account there and avail the services for a certain duration which are available to you for free so yes you do not have to pay anything there you have a free account in that he’ll be having access to some of these services but if you need advanced services then you have to pay for it and for those things you have three options that is your basic premium p1 and premium p2 let’s try to understand these one by one as in what are these and what do they have to offer to you now if you scroll down and if you take a look at this thing you have your Azure Active Directory basic now this basic is nothing but it is designed for people who are task workers or who are focused on particular application of unplowed now it takes care of everything your single sign-on your SLS and it ensures that the security is 99.9% and it provides with all these features which you can see here that is a self-service password resets and all those things you also have access to quite a few things like your proxies and all those things I won’t be getting into the details of what proxies are and all those things but yeah for people who are admins and who have worked on these topics are in these domains they would understand what do these things mean so yep you have access to all these things which fall under your basic option apart from that you have something called as your premium p1 now this is for people who want to scale up so when you try to scale up you’d be dealing with quite a few things and terms like your I am and all those things would come into picture now I am is nothing but your identity and access management basically which is a very important point when you talk about active directory’s so yes it provides you with these things as well or these facilities as well like Identity Protection your security in the cloud and all those things everything is taken care of for this particular model now when you talk about premium p2 if I scroll down this is what you have it is designed for more advanced protection that means you’d be getting all the services that were provided in basic and p1 apart from that you’d be having some additional services which insure more security that means it focuses more on privileged Identity Management now again this is something that you can read and understand it is very easy but to give you a basic difference your first thing provides you with your basic services that is your basic access gives you basic Active Directory service access then you have your premium version which is focused for scaling up and when you talk about p2 it focuses more on advanced security so these are the three different editions that you can choose from now if you’re somebody who is belonging to a particular organization and wants to go ahead and use these services you can actually go ahead and read all these things and then go ahead and take a decision accordingly now what I’m going to do is I’m quickly going to go ahead and switch into the demo pod for that I need to go ahead and open my Microsoft Azure account so let’s do that well my internet is kind of slow today so it might take a little longer while than normal I can click here on portal and there you go it would ask me to sign in I would be using a dummy account today for this so-called demo I wanted to give you an access to or view to quite a few directories and all those things so that is why I did go ahead and create an accountant or certain Active Directory is created or basically certain accounts created now this is how the azure portal looks like for people who are completely new again you have your dashboard here apart from that you can actually go ahead and create quite a few things that is your virtual machines your data factories and all those things for people who want to know all those things they can actually go ahead and refer the other videos that are there in this series and you’ve know quite a few other things as well but as far as this session goes we are here to talk about Active Directory so let’s head into it and try to understand how do you go ahead and create active directories and all those things now how do you navigate to a particular Active Directory now if you scroll down here you’d be seeing an active directory here for people who have an account on Microsoft Azure and have access to all these things they would have in Active Directory by default so you just have to come here and click on it and a particular dashboard would open up for you people as well now this is how it looks like you have all these things and overview getting started you have users groups which you can manage and monitor you have devices you can connect to your

various applications as I’ve told you you can manage multiple applications as well now in that case what happens is as I’ve mentioned you might be dealing with multiple applications so a particular user what applications should here have access to what domains does he have access to what are the devices that are configured all these things can be controlled or managed from here basically so this is what your so-called Active Directory does now let’s move further and try to create some users now how do we do that well I can click on this icon here and it would give you the list of users that are already there as you can see the quite a few uses here this was a demo account so we did go ahead and create so called users so that you can have a look at them this is something that I created yesterday that is crisp right now how do you go ahead and create an account I would be talking about all these things to give you a start you have to click on this thing new users and this window opens up now again I will have to go back and show you something else how do we deal with all these things well first and foremost you need to given a pseudo name or a name of the person for which you want to create a user apart from that you need a particular domain name or yes a domain name for a particular domain service now how do we get that now these domain services have to be registered with your so called Azure Active Directory so I have these accounts right so I can use one of these accounts to just go ahead and create a particular user suppose I want that user to be assigned or maybe associated with this ID so I can select this domain service extension basically again click on new user so what name should I give to this particular user now I am a huge cricket fan and recently I watched England’s match so let’s pick name of one of the players that belongs to England team say Sam the Lynx and again this is where I would be creating the user say I say sample as a pseudo name and I given this domain details that is at a deer a cat TK now this is something that is configured already that is where I can use it and I can have an account if I used an ID that was not registered with this as your account I wouldn’t have been able to create this user because it would have given me a particular error as we move further we would be taking a look at that as well but for now let’s go ahead and create a legitimate user that is this one now it verifies whether the name is proper or not name is something you can use in any which way you want to but your username has to be legit and valid so I have these details which I’ve entered configuration not required properties can be default and if I have to assign him a rule I can click here you can see the name is verified here as well let’s make him a global admin maybe and again you’d be given a password here if you say show it would show you the password and I would suggest that you note it down because you would be required to go ahead and login and in that case you might be needing this password so a suggestion that you noted down I say ok here and I create the user now it might take a while because at times there are certain things that take awhile but in this case it has happened pretty quickly so as you can see we’ve gone ahead and created a user his name was sampling if I’m not wrong so yes there you have this account which is sample and if you click on it and open it you can have access to that account where you can enter in other details what applications that are there under this user and what applications do you want to assign these devices do you want to configure and all those things if you scroll down you have some other options as well sign in son or it lost now I won’t get into the details of these things but you can assign all these things to this particular user as well so yeah this is what the user looks like and you can actually go ahead and log into this as your account through this user profile as well we can do that what I’m going to do is I’m going to go ahead and create or open an incognito window where I’m going to go ahead and login as this user let’s just say Cognito and now if I try to login I would have to enter in the details I’ve actually gone out and tried logging in but I’ve forgotten the credential details so let me just quickly switch to this window copy this email ID in again switcher so this is the email ID which we have sample next and my password was I hope it is right so when you log in for the first time it would ask you to enter the current password and then you can enter the new password let’s say and then Yuri into the password never and you sign in so what happens is you enter into this portal as a fresh user see I’m a completely new user and it says do you want to start at tor but I don’t want to do that so I would just say maybe later there you go you have your fresh dashboard there is nothing pinned here and everything is completely new so yep you’ve entered in as a completely new user and this is the active directory where I’m assigned to that is my previous active directory as you can see this is

what we have here to offer so yes as a user I have certain privileges and I can have access to this so-called portal so this is something I wanted you all to see there quite a few other things which we are going to go ahead and take a look at it but for now let me just log out and close this tab I’m back here the other things I want you to understand and those things are if I come here what you can see is we have certain users here right there you go now if you take a look at certain email ids you can see these email ids now these are quite huge email ids right what happens is when you do go ahead and register your domain service you register that domain service with Microsoft Azure account and when you do go ahead and create users you would not want to have such use names that is say for example we shall at Microsoft something something something something that can be long right and that is complicated to handle or manage so instead what you can do is you can provide them with sudo identities or pseudo IDs as well so that the process becomes easier or simpler to handle let’s try to do that and see how can we do that can we just go ahead and assign a particular domain name or a domain service when we just go ahead and create a new user or all those things so in order to add a particular domain what you have to do is you have to go ahead and again where is my active directory here it is and I just kind of scroll down you can see custom domain names where you can actually go ahead and add domain names but there are certain caches to it let’s try to understand those now it would ask me to enter a custom domain name and I say the moon domain maybe yeah and let me give it some extension now again let me tell you that this is a demo practice and it won’t take in this particular domain name I’ll tell you why but first let’s just try to add this domain yeah the domain name is added but as you can see to use demo domain dot @ with Azure ad create a new text record with your domain name registrar using the info below so if I say text I need to copy this part and I have to actually go ahead and add this to my particular domain name now I won’t be going ahead and doing that because that is something that we are not discussing here because for that we would be needing some other domain name which I do not have right now with me so if you do go ahead and try to add a particular domain name you need to have that particular domain that is suppose I’m using a particular website or I have a particular organization which has a particular website or a domain name that is XYZ at XYZ calm or something like that so I need to make sure that I go ahead and register or have access to that particular domain and then I need to go ahead and attach this particular text to it or authorize this text with it so that I can actually go ahead and confirm with Microsoft Azure that yes I have an access to that particular domain and only then can I go ahead and use this particular domain with my Microsoft Azure now if I click here on verify it would give me an error that I’m very sure C could not find the DNS record for this domain DNS genius may take up to 72 hours to propagate that means I have 72 hours to go ahead and add this particular text message to that domain and so that I can verify that yes this domain is legal but in this case it isn’t I just took something for the demo purpose or for the referencing and this is the domain that I might have or which I can actually go ahead and use so yeah this is how you actually go ahead and add a particular domain and you can actually go ahead and create a user as well what you have to do is when you do go ahead and register this particular domain you can just go ahead and follow the processes like creating a user which we did in the previous case because that was the registered domain when I use that so-called ID record or TK it was registered with my so called as your account and I could actually go ahead and register that particular user but in this case I cannot but yes if you do go ahead and create a particular domain or you want to go ahead and create a particular domain or register a particular domain make sure that it is valid and it is under use and you can actually go ahead and register that particular domain by using this particular process so yeah this is how you actually go into all these things now when you have this particular domain which is not resisted and if you do go ahead and create a particular user on it what happens is your Microsoft Azure would let you create that user but the credentials or the access that user has is as a guest user because your Microsoft isn’t sure that this domain which you just created is actually registered or something that you can actually go ahead and use so that is one point which you need to consider now let me just quickly go back to my Active Directory and see if there are anything or any points that I need to discuss with you or think that we have missed up on so what I’m going to do is I’m going to talk about something else called as creating an Active Directory or can we create multiple active directories that is a question if you ask me I would say yes definitely you can create multiple directories now as you see here if I go to a particular directory I would be having an option called as switch directories now if I click here I have certain options from which I can pick a default directory now in my case I have quite a few directories which I can actually go ahead and choose from but I want to give you all the demo as in how do you go ahead and create one because these are something that we have created for the practice purpose or certain uses

purpose so let’s go ahead and create a fresh one so how do we do that can we just go ahead and create one well yes definitely we can create one if you just scroll down you have certain options here we had an option of creating a new directory let me just go ahead and see where that option is she has this option create a directory so let’s start by giving it certain name say ed u– Rekha one two three four not one two three four let’s call it say Eddie Ricardo Rico maybe is it there yep and what should be then domain name Didrik a one to one how do you recover one to one state well since I’m from India that stick to India and I say create now it might take a couple of minutes when you just go ahead and create this so called directly so yep meanwhile you bear with me and there you go you have your director here you can just click on this thing to manage your directories as you can see it’s a completely new directory which is fresh and new to use that means as you can see it’s a dirac ID rekha and if you click on any one of these things you won’t be having anything else now in my previous active directory I had so many users now if you come here you would see there’s just one user main admin I’d not have anything else or no other user whatsoever that means this is a fresh directory like as you can see if you just go back to the ID record edit option you’d be having an option of resetting your so-called directory and you can do that as well but I do not want to do that for now I can just click on this and I go back see here’s the option you can click on it and you can switch the user so yeah you can use multiple directories and you can have multiple users for these directories as well now I can just go ahead and create users for this directory as well but I won’t be doing that now since I do not need this directory I’m just going to go ahead and delete it so I click on this icon I do not have permissions probably so I click on it and I ensure that permission is granted I say yes and I Save Changes it might take half a minute to update these properties or if the internet is slow it might take a long as well they you see the changes have been updated if i refresh this thing the access is given to me I can just I don’t want to delete the – but I just want to go ahead and delete my so-called active directory so I do not have an access to my domain services because of which I’m not able to delete this account but yeah you normally have an option where you can actually go ahead and delete this directory so yep you can go ahead and do that as well so this was the demo about Active Directory as in how do you go out to create a user how do you create a particular domain space our domain service basically how do you go ahead and create multiple active directories I hope you all add something new to learn out of this session but as far as this session goes I would be resting my session here if you do have any queries make sure that you put those queries in the comment section below and I would be more than happy to get back to you on those queries as well thank you bye bye I hope you have enjoyed listening to this video please be kind enough to like it and you can comment any of your doubts and queries and we will reply them at the earliest do look out for more videos in our playlist and subscribe to Ed Eureka channel to learn more happy learning