Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Mastering Identity and Access Management with Microsoft Azure
  • Toc
  • feedback
Mastering Identity and Access Management with Microsoft Azure

Mastering Identity and Access Management with Microsoft Azure

By : Jochen Nickel
3.7 (3)
close
Mastering Identity and Access Management with Microsoft Azure

Mastering Identity and Access Management with Microsoft Azure

3.7 (3)
By: Jochen Nickel

Overview of this book

Microsoft Azure and its Identity and access management are at the heart of Microsoft's software as service products, including Office 365, Dynamics CRM, and Enterprise Mobility Management. It is crucial to master Microsoft Azure in order to be able to work with the Microsoft Cloud effectively. You’ll begin by identifying the benefits of Microsoft Azure in the field of identity and access management. Working through the functionality of identity and access management as a service, you will get a full overview of the Microsoft strategy. Understanding identity synchronization will help you to provide a well-managed identity. Project scenarios and examples will enable you to understand, troubleshoot, and develop on essential authentication protocols and publishing scenarios. Finally, you will acquire a thorough understanding of Microsoft Information protection technologies.
Table of Contents (21 chapters)
close
close
Preface
chevron up
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Section 1: Identity Management and Synchronization
Section 1: Identity Management and Synchronization
2
Building and Managing Azure Active Directory
Building and Managing Azure Active Directory
Implementation scenario overview
Implementing a solid Azure Active Directory
Creating and managing users and groups
Assign roles to administrative units
Protect your administrative accounts
Provide user and group-based application access
Password reset self-service capabilities
Using standard security monitoring
Integrating Azure AD Join for Windows 10 clients
Configuring a custom domain
Configure Azure AD Domain Services
Summary
3
Understanding Identity Synchronization
Understanding Identity Synchronization
Technology overview
Synchronization scenarios
Synchronization terms and processes
Summary
4
Exploring Advanced Synchronization Concepts
Exploring Advanced Synchronization Concepts
Preparing your lab environment
Understanding declarative provisioning and expressions
Synchronization rules explained
Special considerations in advanced synchronization concepts
Summary
5
Monitoring Your Identity Bridge
Monitoring Your Identity Bridge
How Azure AD Connect Health works
Azure AD monitoring and logs
Azure Security Center for monitoring and analytics
Summary
6
Configuring and Managing Identity Protection
Configuring and Managing Identity Protection
Microsoft Identity Protection solutions
Azure ATP and how to use it
Azure AD Identity Protection
Using Azure AD PIM to protect administrative privileges
Summary
7
Section 2: Authentication and Application Publishing
Section 2: Authentication and Application Publishing
8
Managing Authentication Protocols
Managing Authentication Protocols
Microsoft identity platform
Common token standards in a federated world
Security Assertion Markup Language (SAML) 2.0
WS-Federation
OAuth 2.0
OpenID Connect (OIDC)
Pass-through authentication and seamless SSO
Multi-factor authentication
Summary
9
Deploying Solutions on Azure AD and ADFS
Deploying Solutions on Azure AD and ADFS
Basic environment installation and configuration
Azure AD authentication deployments
ADFS Authentication deployments
Integrating Azure MFA (YD1ADS01)
Summary
10
Using the Azure AD App Proxy and the Web Application Proxy
Using the Azure AD App Proxy and the Web Application Proxy
Configuring additional applications for Azure AD and ADFS
Publishing with Windows server and Azure AD Web Application Proxy
Using conditional access
Summary
11
Deploying Additional Applications on Azure AD
Deploying Additional Applications on Azure AD
Preparing your lab environment
What defines single- and multi-tenant applications
Deploying a single-tenant application including roles and claims
Moving the single-tenant app to a multi-tenant scenario
Deploying another multi-tenant app with OpenID Connect
Summary
12
Exploring Azure AD Identity Services
Exploring Azure AD Identity Services
Preparing your lab environment
Understanding Azure AD B2B
Exploring Azure AD B2C
Extending Active Directory solutions with Azure AD Domain Services
AD FS as an on-premise identity service for the cloud
Summary
13
Creating Identity Life Cycle Management in Azure
Creating Identity Life Cycle Management in Azure
Lab environment readiness
Handling the guest user life cycle
Azure services for automation
Summary
14
Section 3: Data Classification and Information Protection
Section 3: Data Classification and Information Protection
15
Creating a Security Culture
Creating a Security Culture
Why do we need a security culture?
Pillars of a good security culture
General overview of data classification
Azure Information Protection (AIP) overview
Summary
16
Identifying and Detecting Sensitive Data
Identifying and Detecting Sensitive Data
Extending your lab environment
Understanding and using AIP capabilities for data in motion
Understanding and using AIP capabilities for data at rest
Summary
17
Understanding Encryption Key Management Strategies
Understanding Encryption Key Management Strategies
Azure Information Protection key basics
How Azure RMS works under the hood
Summary
18
Configuring Azure Information Protection Solutions
Configuring Azure Information Protection Solutions
Preparing to configure and manage AIP
Azure RMS management with PowerShell
Configuring AIP
Summary
19
Azure Information Protection Development
Azure Information Protection Development
Technical requirements
Microsoft Information Protection solutions
Understanding the Microsoft Information Protection SDK
Preparing your Azure AD environment for tests
Using MIP binaries to explore functionality
Using PowerShell with Azure Information Protection
Overview of the RMS 2.1 and 4.2 SDKs
Summary
20
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Preface

Mastering Identity and Access Management with Microsoft Azure is a crisp and practical, hands-on guide containing project scenarios/illustrations that is tailored to genuine hybrid and cloud-only challenges. Developers, security specialists, IT consultants, and architects are the audience for this book. With it, you get a complete companion for solving key topics in the field of identity and access management through all related Microsoft technologies and practice-related crisp and clear content that helps you to put the theory into practice. The book delves into the Microsoft 365 Security and Compliance plans and other Azure services related to identity and access management topics.

The book is divided into three parts. In the first part, crucial identity management topics are covered, such as identity synchronization as a whole, including monitoring and protection topics, in a cloud-only and hybrid world. The second part provides all the essentials and in-depth knowledge pertaining to the different authentication methods you can use and how you can securely publish and expose your applications with on-premise technologies and the Azure AD feature set. The final part of the book focuses entirely on the Microsoft information protection technologies. Another highlight is the more than 40 playbooks you receive to support the learning process through practical tips. With this great resource, you get an information package that also covers the functionality of Windows 10 and Windows Server 2016/2019.

How does this edition differ from the first edition of the book, and why a second edition with more than 85% new content?

First of all, many thanks to all the readers and the valuable feedback I received. I was happy to listen!

Since writing the first edition of the book back in 2016, many features have been completely updated, added, changed, or even removed. The Microsoft Azure world is changing very rapidly, from a pure infrastructure to an object and service-oriented environment. For this reason, it is necessary to include a variety of developmental aspects in the book. Some functions are currently changing their entitlement entirely to the cloud.

However, no overall solution for sustainable identity and access management in a hybrid cloud environment is currently available to fulfill all the different aspects. For this reason, the basics for individual services must be developed to ensure a better shift of the functions.

Another important reason for me to write an updated edition was that I heard from readers and workshop attendees that they require more technical guidance and less information on the decision manager side. This brought me to an approach whereby I provide more than 40 hands-on guides in the book, where you can test all the related information in a practical and guided manner. Furthermore, our workshop attendees and customers found it very hard to find qualified and working lab examples in a compressed form to save time and effort.

Many of you and our attendees loved the structure of the three scenarios in the first book. Frequently, however, I received a request to provide the theory and practical guidance in technology or topic-based flows so as to make it easier to follow, if you are just interested in specific topics, or if you want to use the book as a living reference.

At the time of writing the first book, the Azure information protection technology was not available in the complete approach that it is available today. Since this technology is now mature and an integral aspect of access management, in my view, additional chapters for this topic are an absolute necessity.

Windows Server 2019 is also available to use, so I updated the book to work with the new server version, with a primary focus on hybrid cloud scenarios.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete