There are exciting Azure AD announcements. Microsoft announced new tools (Azure AD Connect Cloud) and Azure AD secure hybrid access with partners like Citrix, Akamai, and Zscaler. Entitlements management for Azure Active Directory is Generally Available now!
Microsoft is rapidly introducing new features across its major platforms, focusing on improved cloud computing and productivity. At Ignite 2019, Microsoft is unveiling a wide range of new tools and services to enable companies and individuals to leverage their data effectively, help employees gain expertise quickly, and utilize important Azure tools regardless of their cloud provider.
What is Next
- Passwordless
- Azure AD Credential Management
- Delegated employee onboarding
- Credential Recovery
- Conditional Access + Identity Protection
- Microsoft Graph scope policies
- Conditional Access for Credential Registration and PIM
- M365 signal integration
What’s Next for Azure Active Directory for the Year 2020?
1. HR and Provisioning
   - New Cloud HR partners
   - Broader HR integration
   - Provisioning to on-premises apps
2. Firstline Worker
   - Firstline Manager user provisioning
   - Global sign out (for iOS)
   - Birthright provisioning
3. Identities for all
   - Custom sign-up for B2B partners
   - New Social Identity providers
   - Conditional Access for B2C
   - Identity Protection for B2C
Azure AD Conditional Access Read-Only Simulation
Azure Active Directory Connect Cloud Provisioning (Preview Soon)
Azure Active Directory Connect cloud (AAD Connect Cloud) provisioning allows customers to easily consolidate disconnected on-premises Active Directory forests and eliminate the need for on-premises sync servers.
This will help the organization by enabling greater availability of connectivity (such as multiple deployments to disconnected forests for redundancy) and lowering costs.
The solution provides a lightweight, on-premises agent that will enable provisioning from multiple disconnected on-premises Active Directory forests and move all the sync complexity and data transformation logic to the cloud.
The capability was designed to address one of the top needs of large enterprise customers managing complex organizations or merger and acquisition scenarios.
More Details – What’s New in Azure Active Directory at Microsoft Ignite 2019
External Identities with Azure Active Directory B2C
- Direct Federation (SAML WS-Fed)
- Google ID Federation
- Sign in with any email + code
MyApps portal updates
The Azure Active Directory MyApps portal has a revamped look and more capabilities, giving users a simplified experience with all apps in one place.
The new features, now in preview, include a mobile-first launching experience for all enterprise apps, workspaces for administrator-curated apps, and a unified app launching exp.
MyApps WorkSpaces?
A workspace is a grouping of apps published in the MyApps portal (https://Myapps.microsoft.com) and the office.com portal (https://www.office.com/apps?auth=2).
Azure Active Directory My Account My Signins
The https://myprofile.microsoft.com/ portal is a one-stop place for all the following activities related to user identity profiles.
- Security info
  - Keep your verification methods and security info up to date.
  - Set up self-service password reset
  - Additional security verification
- Devices
  - Disable a lost device and review your connected devices.
  - Manage devices
- Password
  - Make your password stronger, or change it if someone else knows it.
  - Change password
- Organizations
  - See all the organizations that you’re a part of.
  - Manage Organizations
- Privacy
  - See how your organization and services are handling your data.
  - Review Privacy
- My sign-ins (preview) https://mysignins.microsoft.com/
  - See when and where you’ve signed in, and check if anything looks unusual.
  - Review recent activity
My Access Packages?
Have you seen the My Access Package portal? This is interesting! https://myaccess.microsoft.com/
Azure AD Easier Sign-in
SMS sign-in allows workers to sign in with their phone number and an SMS code for authentication. This will help first-line workers to eliminate the need for passwords.
Global sign-out is rolling out later this year for Android devices, enabling workers to sign out of all apps. This global sign-out will help first-line workers sign out of their apps with just one click and ensure that nobody else can use the same devices under their account.
Granularity in delegating user management will enable scale and reduce stress on IT support by allowing first-line managers to manage users and credentials.
Passwordless Authentication with No Charges
Microsoft Authenticator App – As per Microsoft, from Nov. 1, 2019, there will be no charges for using multifactor authentication or passwordless authentication.
NOTE: The passwordless authentication methods feature in Azure Active Directory launched in a public preview last year and is expected to become generally available in 2020.
Azure Active Directory – Secure Hybrid Access
- Simplify on-prem ADFS infrastructure
- A complement to Azure AD App Proxy
- Azure AD secure hybrid access with partners like F5, Citrix, Akamai, and Zscaler
Azure Active Directory – Managing All Your Apps from one location
Azure Active Directory Infrastructure – High Availability Redundancy
- 30 billion authentications a day
- 300,000 CPU cores
- Azure AD deployed across 30 Azure Regions
- Continual program investment and hardening
- Within each data center your data is replicated a minimum of 9 times
- Your authentication traffic is served by not one but at least 4, and in some cases up to 13, data centers in a fully active configuration
- DNS, Traffic Management, and CDN – Full active-active multi-provider support
- 11 petabytes of Azure Active Directory telemetry data have been analyzed
FIDO – Hybrid Deployments – Timeline 2020 Q1
Session
- https://myignite.techcommunity.microsoft.com/sessions/81713?source=schedule
Resources
- Azure AD Secure Hybrid Access
- Learn How to Setup Azure AD Device Cleanup Rules
- Expanding Azure Active Directory support for FIDO2 preview to hybrid environments
- Step-by-Step: Managing Users via the Azure Active Directory PowerShell for Graph Module
Author
Anoop C Nair is a Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.