New Azure AD Updates from Microsoft Ignite 2019

There are exciting Azure AD announcements. Microsoft announced new tools (Azure AD Connect Cloud) and Azure AD secure hybrid access with partners like Citrix, Akamai, and Zscaler. Entitlements management for Azure Active Directory is now Generally Available!

What is Next

  • Passwordless
    • Azure AD Credential Management
    • Delegated employee on-boarding
    • Credential Recovery
  • Conditional Access + Identity Protection
  • Microsoft Graph scope policies
  • Conditional Access for Credential registration and PIM
  • M365 signal integration

What’s next Azure AD for the Year 2020

  • HR and Provisioning
    • New Cloud HR partners
    • Broader HR integration
    • Provisioning to on-premises apps
  • Firstline Worker
    • Firstline Manager user provisioning
    • Global sign out (for iOS)
    • Birthright provisioning
  • Identities for all
    • Custom sign-up for B2B partners
    • New Social Identity providers
    • Conditional Access for B2C
    • Identity Protection for B2C

Azure AD Conditional Access Read-Only Simulation

Azure AD Conditional Access Enable Policy - Report-Only

Azure Active Directory Connect Cloud Provisioning (Preview Soon)

Azure Active Directory Connect cloud (AAD Connect Cloud) provisioning allows customers to easily consolidate disconnected on-premises Active Directory forests and eliminate the need for on-premises sync servers.

This helps organizations by enabling greater availability of connectivity (such as multiple deployments to disconnected forests for redundancy) and lowering costs.


The solution provides a lightweight, on-premises agent that will enable provisioning from multiple, disconnected on-premises Active Directory forests and move all the sync complexity and data transformation logic to the cloud.

The capability was designed to address one of the top needs for large enterprise customers managing complex organizations or merger and acquisition scenarios.

More Details – What’s new in Azure Active Directory at Microsoft Ignite 2019

Provisioning from Azure AD to on-premises apps, and SCIM

External Identities with Azure AD B2C

  • Direct Federation (SAML WS-Fed)
  • Google ID Federation
  • Sign-in with any email + code

MyApps portal updates

A revamped look and more capabilities for the Azure Active Directory MyApps portal give users a simplified experience with all apps in one place.

The new features, now in preview, include a mobile-first launching experience for all enterprise apps, workspaces for administrator-curated apps, and a unified app launching exp.


MyApps WorkSpaces?

A workspace is a grouping of apps published in MyApps portal ( and ( portal.


The Azure AD My Account / My Sign-ins portal is a one-stop place for the following activities related to the user identity profile.

  • Security info
    • Keep your verification methods and security info up to date.
    • Set up self-service password reset
    • Additional security verification
  • Devices
    • Disable a lost device and review your connected devices.
    • Manage devices
  • Password
    • Make your password stronger, or change it if someone else knows it.
    • Change password
  • Organizations
    • See all the organizations that you’re a part of.
    • Manage Organizations
  • Privacy
    • See how your organization and services are handling your data.
    • Review privacy
  • My sign-ins (preview)
    • See when and where you’ve signed in and check if anything looks unusual.
    • Review recent activity

My Access Packages?

Have you seen the My Access Package portal? This is interesting!


Azure AD Easier Sign-in

SMS sign-in allows workers to sign in with their phone number and an SMS code for authentication. This helps firstline workers eliminate the need for passwords.

Global sign-out, rolling out later this year for Android devices, enables workers to sign out of all apps. It lets firstline workers sign out of their apps with just one click and helps ensure that nobody else can use the same device under their account.

Granular delegation of user management will enable scale and reduce stress on IT support by allowing firstline managers to manage users and credentials.

Passwordless Authentication with No Charges

Microsoft Authenticator App – According to Microsoft, from Nov. 1, 2019, there will be no charges for using multifactor authentication or passwordless authentication.

NOTE! – The passwordless authentication methods feature in Azure Active Directory launched in public preview last year; general availability is expected in 2020.

Azure AD – Secure Hybrid Access

  • Simplify on-prem ADFS infrastructure
  • Complement to Azure AD App Proxy
  • Azure AD secure hybrid access with partners like F5, Citrix, Akamai, and Zscaler

Azure AD – Managing All Your Apps from one location


Azure AD Infrastructure – High Availability Redundancy

  • 30 billion authentications a day
  • 300,000 CPU cores
  • Azure AD deployed across 30 Azure regions
  • Continual program investment and hardening
  • Within each data center, your data is replicated a minimum of 9 times
  • Your authentication traffic is served by not one but at least 4, and in some cases up to 13, data centers in a fully active-active configuration
  • DNS, Traffic Management, and CDN – full active-active multi-provider support
  • 11 petabytes of Azure AD telemetry data analyzed

FIDO – Hybrid Deployments – Timeline 2020 Q1
