Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond
  • Table Of Contents Toc
  • Feedback & Rating feedback
Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond

Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond

By : Donovan Kelly
4.3 (4)
Buy this Book
close
close
Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond

Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond

4.3 (4)
By: Donovan Kelly
Buy this Book

Overview of this book

Take the first step toward excellence in Azure management and achieving Microsoft certification with this practical guide! This third edition of Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond offers comprehensive insights and clear, step-by-step instructions that follow the latest AZ-104 exam objectives. You’ll work your way from foundational topics such as Azure identity management and governance to essential skills such as deploying and managing storage solutions, configuring virtual networks, and effectively monitoring Azure resources. Each chapter is equipped with practice questions to reinforce your understanding and enhance your practical skills. The book also provides you with access to online mock exams, interactive flashcards, and expert exam tips, guaranteeing that you pass with flying colors. By the end of this book, you'll not only be equipped to pass the AZ-104 exam but also possess the expertise needed to expertly manage Azure environments.
Table of Contents (25 chapters)
close
close
close
Preface
Preface
Who This Book Is For
What This Book Covers
Online Practice Resources
Accessing the Code Files
Download the Color Images
Conventions Used
Get in Touch
Setting Up Your Environment
Technical Requirements
Accessing the Microsoft Labs
Lab Files
Share Your Thoughts
Download a free PDF copy of this book
1
Chapter 1: Managing Microsoft Entra ID Objects
Chapter 1: Managing Microsoft Entra ID Objects
Making the Most Out of This Book – Your Certification and Beyond
Technical Requirements
Microsoft Entra P1 Trial
Microsoft Entra ID
Creating Users and Groups
Creating Microsoft Entra ID AUs
Managing User and Group Properties
Summary
Free Chapter
2
Chapter 2: Devices in Microsoft Entra ID
chevron up
Chapter 2: Devices in Microsoft Entra ID
Technical Requirements
Configuring and Managing Devices
Configuring Microsoft Entra Join
Performing Bulk Operations
Navigating Guest Accounts
Configuring SSPR
Summary
3
Chapter 3: Managing Role-Based Access Control in Azure
Chapter 3: Managing Role-Based Access Control in Azure
Technical Requirements
Understanding Azure Regions
Managing Azure Subscriptions and Management Hierarchy
Configuring Management Groups
Understanding role-based-access-control
Creating a custom RBAC role
Interpreting Access Assignments
Summary
4
Chapter 4: Creating and Managing Governance
Chapter 4: Creating and Managing Governance
Technical Requirements
Understanding Azure Policies
Applying and Managing Tags on Resources
Summary
5
Chapter 5: Managing Governance and Costs
Chapter 5: Managing Governance and Costs
Technical Requirements
Managing Resource Groups
Configuring Resource Locks
Managing Costs
Summary
6
Chapter 6: Understanding Storage Accounts
Chapter 6: Understanding Storage Accounts
Technical Requirements
Understanding Azure Storage Accounts
Creating and Configuring Storage Accounts
Summary
7
Chapter 7: Copying Data To and From Azure
Chapter 7: Copying Data To and From Azure
Technical Requirements
Using Azure Data Box (Previously, Import/Export)
Installing and Using Azure Storage Explorer
Configuring Azure Files and Azure Blob Storage
Summary
8
Chapter 8: Securing Storage
Chapter 8: Securing Storage
Technical Requirements
Configuring Network Access to Storage Accounts
Storage Access Keys
Working with SAS Tokens
Configuring Access and Authentication
Summary
9
Chapter 9: Storage Management and Replication
Chapter 9: Storage Management and Replication
Technical Requirements
Copying Data by Using AzCopy
Configuring Storage Replication and Lifecycle Management
Summary
10
Chapter 10: Azure Resource Manager Templates
Chapter 10: Azure Resource Manager Templates
Technical Requirements
Understanding ARM Templates
Benefits of ARM
Understanding the ARM Template Structure
Creating an ARM Template
Modifying an Existing ARM Template
Deploying an ARM Template – Azure Portal
Deploying an ARM Template – Azure PowerShell
Saving a Deployment as an ARM Template
Exporting an ARM Template
Azure QuickStart Templates
Summary
11
Chapter 11: Azure Bicep
Chapter 11: Azure Bicep
Technical Requirements
Understanding Azure Bicep
Understanding the Bicep Template Structure
Creating a Bicep Template
Modifying an Existing Bicep Template
Deploying a Bicep Template – Azure PowerShell
Converting ARM to Bicep
Converting Bicep to ARM
Summary
12
Chapter 12: Understanding Virtual Machines
Chapter 12: Understanding Virtual Machines
Technical Requirements
Understanding Azure Disk Storage
Understanding Azure VMs
Deploying a VM in Azure
Deploying and Configuring Scale Sets
Summary
13
Chapter 13: Managing Virtual Machines
Chapter 13: Managing Virtual Machines
Technical Requirements
Managing VM Sizes
Adding Data Disks to VMs
Troubleshooting VM Networking
Moving VMs between Resource Groups
Redeploying VMs
Disk Encryption in Azure
Automating Configuration Management
Deploying VM Extensions
Configuring and Deploying a VM ARM Template
Summary
14
Chapter 14: Creating and Configuring Containers
Chapter 14: Creating and Configuring Containers
Technical Requirements
Introduction to Containers
Azure Container Instances
Container Groups
Docker Platform
Azure Kubernetes Services
Creating an Azure Container Registry
Deploying Your First Container Instance
Configuring Container Groups for ACI
Configuring Sizing and Scaling for ACI
Deploying AKS
Configuring Storage for AKS
Configuring Scaling for AKS
Upgrading an AKS Cluster
Summary
15
Chapter 15: Creating and Configuring App Service
Chapter 15: Creating and Configuring App Service
Technical Requirements
Understanding Azure App Service and App Service Plans
Creating an App Service Plan
Creating an App Service Instance
Configuring Scaling
Securing Azure App Service
Configuring Custom Domain Names
Configuring a Backup for an App Service Instance
Configuring Networking Settings
Configuring Deployment Settings
Summary
16
Chapter 16: Implementing and Managing Virtual Networking
Chapter 16: Implementing and Managing Virtual Networking
Technical Requirements
Creating and Configuring Virtual Networks
Creating Private and Public IP Addresses
User-defined Routing
Implementing Subnets
Configuring Endpoints on Subnets
Configuring Private Endpoints
Configuring Azure DNS
Summary
17
Chapter 17: Securing Access to Virtual Networks
Chapter 17: Securing Access to Virtual Networks
Technical requirements
Network Security Groups
Azure Firewall
Azure Bastion
Deploying Azure Bastion and Azure Firewall
Summary
18
Chapter 18: Configuring Load Balancing
Chapter 18: Configuring Load Balancing
Technical Requirements
Azure Load-Balancing Services
Azure Load Balancer
Configuring an ILB
Configuring a Public Load Balancer
Azure Application Gateway
Configuring Azure Application Gateway
Azure Front Door
Summary
19
Chapter 19: Integrating On-Premises Networks with Azure
Chapter 19: Integrating On-Premises Networks with Azure
Technical Requirements
Azure VPN Gateway
Creating and Configuring an Azure VPN Gateway
Creating and Configuring Azure ExpressRoute
Azure Virtual WAN
Configuring Azure Virtual WAN
Summary
20
Chapter 20: Monitoring and Troubleshooting Virtual Networking
Chapter 20: Monitoring and Troubleshooting Virtual Networking
Technical Requirements
Understanding Network Watcher
Configuring Network Watcher
Summary
21
Chapter 21: Monitoring Resources with Azure Monitor
Chapter 21: Monitoring Resources with Azure Monitor
Technical Requirements
Understanding Azure Monitor
Working with Metrics and Alerts
Querying Log Analytics
Monitoring with Workbooks
Configuring Application Insights
Summary
22
Chapter 22: Implementing Backup and Recovery Solutions
Chapter 22: Implementing Backup and Recovery Solutions
Technical Requirements
Understanding Azure Backup Vaults
Understanding Azure Recovery Services Vaults
Creating a Recovery Services Vault
Understanding Backup Policies
Creating and Configuring Backup Policies
Backing Up via Azure Backup Center
Restoring a Backup via Azure Backup Center
Recovering from a Disaster with Azure Site Recovery
Configuring and Reviewing Backup Reports
Summary
23
Chapter 23: Accessing the Online Practice Resources
Chapter 23: Accessing the Online Practice Resources
How to Access These Materials
Troubleshooting Tips
Back to the Book
Why subscribe?
24
Other Books You May Enjoy
Other Books You May Enjoy
Now you’ve finished Exam Ref AZ-104 Microsoft Azure Administrator Certification and Beyond, Third Edition, we’d love to hear your thoughts! If you purchased the book from Amazon, please click here to go straight to the Amazon review page for this book and share your feedback or leave a review on the site that you purchased it from.
Download a Free PDF Copy of This Book

Configuring and Managing Devices

In Microsoft Entra, a device represents any physical or virtual device that is registered with the directory. This can include devices such as laptops, desktops, mobile phones, and tablets. When a device is registered with Microsoft Entra, it can be managed and secured using policies and configurations defined in the directory. By managing devices in Microsoft Entra, IT administrators can ensure that devices accessing corporate resources meet an organization’s security and compliance requirements. In the following sections, you will explore device management in more detail and discuss how Microsoft Entra enables device management at scale.

Configuring Device Identities

When it comes to managing your devices through Microsoft Entra, you have several services available to you. You may want to support Bring Your Own Device (BYOD) scenarios or opt for a more traditional management style through Microsoft Entra joined devices. Joining is the typical approach for larger organizations that have established control and management structures for their IT infrastructure. For this course, you need to only be aware of how to register or join your devices to Microsoft Entra. This topic is worth much more exploration and research before you decide to adopt a certain approach.

Microsoft Entra Device Registration

A Microsoft Entra ID Registered Device is one that is registered within the Microsoft Entra ID directory but not added as a member of an organization:

  • The device is then granted access to resources through an attachment to a Microsoft account in Microsoft Entra ID.
  • It provides users with a Single Sign-On (SSO) experience across their devices, including app authentication.
  • It enables Conditional Access policy enforcement.
  • It is recommended for personally owned devices or devices not used exclusively for business purposes. Personally owned devices are also defined as BYOD, which are devices that can be used for work purposes.
  • It offers a streamlined process with minimal administrative overhead.
  • The device can be managed through tools such as Microsoft Intune.

The following diagram illustrates a device’s connection to Microsoft Entra ID and the relationship flow.

Figure 2.1: Microsoft Entra ID – device registration

Figure 2.1: Microsoft Entra ID – device registration

For more details, refer to https://learn.microsoft.com/en-us/entra/identity/devices/concept-device-registration.

Microsoft Entra Join

A Microsoft Entra ID joined device is one that is added to an organization’s Microsoft Entra ID directory, providing additional benefits and control to the organization:

  • It is fully managed by the organization with access to on-premises Active Directory resources. It is, therefore, suitable for dedicated, organization-owned devices that need full access to organizational resources.
  • It is explicitly tied to an organizational user account and managed as part of the directory.
  • It offers better management capabilities and integration and can use Conditional Access policies.

The following diagram illustrates a device-to-Microsoft Entra ID join connection, demonstrating how the connection is made from the device to Microsoft Entra ID. Entra ID can then form a hybrid connection to an on-premises Active Directory system, with synchronization occurring between the platforms through the Microsoft Entra Connect service.

Figure 2.2: Microsoft Entra ID – a device join

Figure 2.2: Microsoft Entra ID – a device join

For more details, refer to https://learn.microsoft.com/en-us/entra/identity/devices/concept-directory-join.

Microsoft Entra Hybrid Join

A Microsoft Entra ID hybrid joined device is a device that is joined to both the on-premises Active Directory (AD) and Entra ID, for organizations with a blended infrastructure. It is designed to support Windows 10 and 11 devices:

  • It retains the benefits of local on-premises AD while leveraging cloud features, such as enabling the continued use of Group Policy in Entra ID
  • It combines cloud authentication with on-premises resources and devices
  • It facilitates seamless transitions and secure access to resources in hybrid environments
  • It is ideal for organizations that have a mix of cloud and on-premises infrastructure deployments

The following diagram illustrates a device connection to Microsoft Entra ID and the relationship flow for a Microsoft Entra ID hybrid join connection, demonstrating how the connection is made from the device to Microsoft Entra ID as a registration and to an Active Directory for a domain join. Entra ID will then have a hybrid connection to an on-premises Active Directory system, with synchronization occurring between the platforms through the Microsoft Entra Connect service.

Figure 2.3: Microsoft Entra ID – a device hybrid join

Figure 2.3: Microsoft Entra ID – a device hybrid join

For more details, refer to https://learn.microsoft.com/en-us/entra/identity/devices/concept-hybrid-join.

Next, we will explore what device settings you can manage in Microsoft Entra.

Device Settings

Microsoft Entra enables organizations to ensure that their users access Azure resources from devices that comply with their security and compliance policies. Device management is a crucial component of device-based Conditional Access, where access to corporate resources is restricted only to managed devices.

Device settings can be easily managed from the Azure portal, provided the device is registered or joined to Microsoft Entra. To access Devices, you need to select it from the Manage context from the left-hand menu under Microsoft Entra ID. On the Devices blade, you can select Device settings from the left menu. The following device settings are available for configuration in Microsoft Entra ID:

  • Users may join devices to Microsoft Entra: This setting lets administrators specify which users can join their Windows 10 devices to Entra ID. This setting is only applicable to Microsoft Entra Join on Windows 10. The Selected option allows you to specify which members are allowed to join their devices to Entra ID.

Figure 2.4: Device settings – Users may join devices to Microsoft Entra

Figure 2.4: Device settings – Users may join devices to Microsoft Entra

  • Users may register their devices with Entra ID: This setting needs to be configured to allow devices to be registered with Entra ID. There are two options here – None, which means that devices are not allowed to register when they are not Microsoft Entra-joined or hybrid Microsoft Entra-joined, and All, which means that all devices are allowed to register.

Figure 2.5: Device settings – Users may register their devices with Microsoft Entra

Figure 2.5: Device settings – Users may register their devices with Microsoft Entra

Note

In order for you to enroll with Microsoft Intune or Mobile Device Management (MDM) for Microsoft 365, you will be required to register. If you have configured either of these services, the All option is selected by default and None is not available for selection.

  • Require Multi-Factor Authentication to register or join devices with Microsoft Entra: This setting adds another layer of security by requiring users to authenticate with Multi-factor Authentication (MFA) when registering or joining their devices to Microsoft Entra. Before you can enable this setting, MFA needs to be configured for the users who register their devices.
Figure 2.6: Device settings – requiring MFA

Figure 2.6: Device settings – requiring MFA

  • Maximum number of devices per user: This setting allows you to select the maximum number of devices that a user can have in Microsoft Entra. Reaching this quota will prevent additional devices from being added until either existing devices are removed or the quota limit is changed.
  • Manage Additional local administrators on all Microsoft Entra joined devices: This setting allows you to add additional local administrators for Microsoft Entra joined devices. A local administrator is a user who has administrative privileges on a specific device or computer.
Figure 2.7: Device settings – Local administrator settings

Figure 2.7: Device settings – Local administrator settings

Figure 2.8: Device settings – Microsoft Entra LAPS

Figure 2.8: Device settings – Microsoft Entra LAPS

  • Restrict users from recovering the BitLocker key(s) for their owned devices: Restricting users from recovering BitLocker keys for their owned devices is a security measure that prevents non-admin users from accessing their device’s BitLocker key(s) for self-service recovery. By setting this restriction to Yes, only admin users can retrieve the keys, ensuring an additional layer of security and control over the devices. Conversely, setting it to No allows all users to recover their BitLocker key(s), enabling self-service access but potentially reducing security.
Figure 2.9: Device settings – BitLocker key(s)

Figure 2.9: Device settings – BitLocker key(s)

Enterprise State Roaming

Enterprise State Roaming is a feature in Microsoft Entra ID that allows users to synchronize their application and system settings across their Windows devices. This means that when a user sets up a new Windows device, their familiar settings and preferences will be applied to the new device automatically. This feature is especially useful for organizations that provide employees with multiple Windows devices, or for users who switch between devices frequently. With Enterprise State Roaming, users can have a more seamless and consistent experience across all their Windows devices. The synchronization is achieved through Microsoft Entra ID, and all data is encrypted to ensure security and privacy.

This setting now has its own blade and can be accessed by clicking Enterprise State Roaming from the left menu of the Device blade, under the Manage context.

Selecting All will enable all users in your organization to take advantage of this feature, Selected allows you to specify users, and None will disallow all users from using the feature.

Figure 2.10: Enterprise State Roaming

Figure 2.10: Enterprise State Roaming

You can read more about Enterprise State Roaming here: https://learn.microsoft.com/en-us/entra/identity/devices/enterprise-state-roaming-enable.

You now have a basic understanding of what Enterprise State Roaming is and the features and benefits it offers. Next, you will learn about device management settings.

Managing Device Settings

To manage the device settings from the Azure portal, you need to perform the following steps:

  1. Navigate to the Azure portal by opening https://portal.azure.com.
  2. From the left-hand hamburger menu or the main search bar, select Microsoft Entra ID.
  3. From the left-hand menu, select Devices under the Manage context, as follows:

Figure 2.11: The Microsoft Entra ID Devices blade

Figure 2.11: The Microsoft Entra ID Devices blade

  1. The device management blade will open. Here, you can configure your device management settings, locate your devices, perform device management tasks, and review the device management-related audit logs.
  2. To configure the device settings, select Device settings from the left-hand menu. From here, you can configure the following settings, which are shown in Figure 2.12:
    • Users may join devices to Microsoft Entra: All
    • Require Multifactor Authentication to register or join devices with Microsoft Entra: No

Figure 2.12: Microsoft Entra ID – the Device settings blade

Figure 2.12: Microsoft Entra ID – the Device settings blade

  1. To locate your devices, select All devices from the left menu. In this pane, you will see all the joined and registered devices, as follows:
Figure 2.13: Microsoft Entra ID – All devices

Figure 2.13: Microsoft Entra ID – All devices

  1. Additionally, you can select the different devices from the list to get more detailed information about a device. From here, global administrators and cloud device administrators can disable or delete the device:
Figure 2.14: Microsoft Entra ID – workstation 1 details

Figure 2.14: Microsoft Entra ID – workstation 1 details

You now have experience managing a device on Microsoft Entra. The next topic you will learn about is audit logs, under the Devices blade.

Device Audit Logs

The audit logs section under Devices in Microsoft Entra ID contains a record of all activities related to device management. Audit logs provide detailed information on events and actions performed within the system. These logs offer valuable insights for administrators looking to monitor security, troubleshoot issues, and maintain compliance.

Using device audit logs, administrators can track changes made to device properties, registration and deletion events, and other relevant activities performed by either the users or the system itself. Information stored in the logs typically includes event timestamps, target(s) (affected devices), user details, and the specific category of the activity and actions/changes made during an event. Microsoft Entra offers a user-friendly interface to view and analyze device audit logs, allowing administrators to filter and sort records based on specific criteria, such as event type or date range. This enables you to quickly identify and investigate suspicious activities or potential sources of issues within the device management environment.

By regularly reviewing and analyzing device audit logs, organizations can proactively detect anomalies and maintain regulatory compliance, thus ensuring a secure and efficient device management process within your Microsoft Entra ecosystem. Additionally, the audit logs can be exported to third-party security information and event management (SIEM) systems for further analysis and correlation with other security events. In this exercise, you will explore how to view audit logs in the Azure portal. Complete the following steps:

  1. To view audit logs, navigate to the Devices blade from Microsoft Entra ID.
  2. From the left menu of the Devices blade, under the Activity context, select Audit logs. This is where you can view and download the different log files for your devices. Additionally, you can create filters to search through the logs, as per the following example:
Figure 2.15: Microsoft Entra ID – the Audit logs blade

Figure 2.15: Microsoft Entra ID – the Audit logs blade

This concludes the section on how to manage your device settings via the Azure portal.

Note

You are encouraged to read up further by using the following links:

https://learn.microsoft.com/en-us/entra/identity/devices/manage-device-identities.

https://learn.microsoft.com/en-us/entra/identity/monitoring-health/howto-stream-logs-to-event-hub.

https://learn.microsoft.com/en-us/entra/architecture/security-operations-devices.

In the next section, you will explore the licensing options behind Microsoft Entra.

Licensing

Microsoft Entra offers a range of licensing options to meet your organizational requirements, whether small or large businesses. These licensing options determine which features and functionalities are available to users. Some of the key features of Microsoft Entra include SSO, MFA, and device management. In the following section, you will explore the different pricing plans available for Microsoft Entra and what each plan includes.

Microsoft Entra ID offers the following pricing plans:

  • Microsoft Entra ID Free: This offers the most basic features, such as support for SSO across Azure, Microsoft 365, and other popular Software as a Service (SaaS) applications, Azure Business-to-Business (B2B) for external users, support for Microsoft Entra Connect synchronization, self-service password change, user and group management, and standard security reports.
  • Microsoft Entra ID P1: Previously known as Azure Active Directory P1. In addition to the Free license features, this license offers a service-level agreement, advanced reporting, Conditional Access, Microsoft Entra Connect Health, advanced administration such as dynamic groups, self-service group management, and Microsoft Identity Manager.
  • Microsoft Entra ID P2: Previously known as Azure Active Directory P2. In addition to the Free and Microsoft Entra ID P1 license features, the Microsoft Entra ID P2 license includes Identity Protection, Privileged Identity Management (PIM), access reviews, and entitlement management.
  • Microsoft Entra ID Governance: For users of Microsoft Entra ID P1 and P2, Microsoft Entra ID Governance provides a sophisticated suite of identity governance features that can be added at a premium. These capabilities include automated user and group provisioning, HR-driven provisioning, terms of use attestation, basic and advanced access certifications and reviews, basic and advanced entitlement management, life cycle workflows, identity governance dashboard, and PIM.
  • Microsoft Entra Verified ID: Microsoft Entra Verified ID is a license currently included free within any Microsoft Entra ID subscription, such as Microsoft Entra ID Free. This service enables organizations to verify and issue credentials based on unique identity attributes, granting individuals control over their digital credentials and improving visibility. The benefits of Verified ID include reduced organizational risk, simplified audit processes, and seamless integration for developers to create user-centric serverless applications. Organizations can enable Verified ID for free in the Microsoft Entra admin center.
  • Microsoft Entra Permissions Management: This is a set of identity governance features tailored for Microsoft Entra ID P1 and P2 subscribers. These capabilities include automated user and group provisioning, HR-driven provisioning, terms of use attestation, basic and advanced access certifications and reviews, basic and advanced entitlement management, life cycle workflows, identity governance dashboard, and PIM.
  • Microsoft Entra Workload ID: With the standalone Microsoft Entra Workload ID product, organizations can reduce risk exposure from compromised or lost identities or credentials, regulate workload identity access with adaptive policies, and obtain a thorough workload identity health-check view. The monthly pricing for Workload ID is based on the workload identity.

Note

For a detailed overview of the different Microsoft Entra licenses and all the features that are offered in each plan, refer to https://www.microsoft.com/en-us/security/business/microsoft-entra-pricing.

Now that you have a basic understanding of what Microsoft Entra ID is and the licensing models involved, you will learn how to implement a license.

Try/Buy License Products for Microsoft Entra

In this exercise, you are going to learn how to try or buy a license that can be associated with your Microsoft Entra instance. To do so, follow the following steps:

  1. Navigate to the Azure portal by opening a web browser and browsing to https://portal.azure.com.
  2. From the left-hand hamburger menu or the main search bar, select Microsoft Entra ID.
Figure 2.16: Selecting Microsoft Entra ID

Figure 2.16: Selecting Microsoft Entra ID

  1. Click on the Licenses setting under the Manage context from the left menu.
Figure 2.17: Microsoft Entra ID – Licenses

Figure 2.17: Microsoft Entra ID – Licenses

  1. From the Licenses blade on the left menu, select All products, and then click Try / Buy from the blade screen that is presented.

Figure 2.18: Microsoft Entra ID – Licenses | All products

Figure 2.18: Microsoft Entra ID – Licenses | All products

  1. An Activate pop-up screen will appear. To select a product for trial, you can click the Free trial drop-down option and then Activate to activate the license for the service offering you want to try, such as the following screenshot for Microsoft Entra ID P2.

Figure 2.19: Microsoft Entra ID – activating a trial license

Figure 2.19: Microsoft Entra ID – activating a trial license

You have now seen how to try a licensed product using the Azure portal. Next, you will learn about assigning a license to one of your users or groups.

Assigning a License

In this exercise, you are going to assign an active licensed product to a user to demonstrate the assignment of licenses from within Microsoft Entra ID:

  1. Just as you did in the previous exercise, you will navigate back to the All products settings screen under the Licenses blade.
  2. Select the license you are looking to assign; in this instance, we will assign the Microsoft 365 E5 Developer license. Then, click Assign from the top menu.

Figure 2.20: Microsoft Entra ID licensing – assigning a license

Figure 2.20: Microsoft Entra ID licensing – assigning a license

  1. Click + Add users and groups.

Figure 2.21: Microsoft Entra ID licensing – Add users and groups

Figure 2.21: Microsoft Entra ID licensing – Add users and groups

  1. From the screen that pops up, create a filter to search for the relevant name you are looking for – in this case, Demo. Select DemoUser1 and DemoUser2.

Figure 2.22: Microsoft Entra ID licensing – selecting users

Figure 2.22: Microsoft Entra ID licensing – selecting users

  1. Once you have chosen your users, click Select.
  2. Click Review + assign, and then, on the final screen, click Assign.

You have now seen how to not only add product licenses but also assign them. Although there are several license types, the basic principles still apply, and the licenses are just as easy to assign. In the next section, we will look at what Microsoft Entra Join is and how to configure it for Windows 10 devices.

End of Section 3
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY