In this course the student will dive into the world of hybrid identity and learn hands how to implement Azure Active Directory (Azure AD). The course will start with synchronizing on-premises identities to the cloud using Azure AD Connect. Then students will learn to implement traditional AD applications in Azure IaaS without deploying traditional Domain Controllers (DCs), using Azure AD Domain Services. Extending Azure cloud based applications to Consumers using Azure AD B2C and Business Partners Azure AD B2B will be covered. Students will also learn to how to manage and monitor their Azure solutions using Role-based access control (RBAC), custom roles and Azure AD Connect Health.
This course is a mixture of:
• 50% Hands-On Labs
• 40% Presentation
• 10% Architectural Case Studies
What You Will Learn
MODULE 1: Introduction to Hybrid Identity using Azure Active Directory (Azure AD)
In this module, the student will learn the core capabilities and use cases of Azure AD. This module will emphasize strategies and techniques for integrating on-premises Active Directory with an Azure AD environment. Students will first be introduced to the issues with identity in today’s cloud-first world. Then there will be a thorough examination of several Azure AD features, across the different service tiers.
Case Study: Deploying Hybrid Identity Solutions
MODULE 2: Synchronize Active Directory on-premises with Azure AD using Azure AD Connect
In this module, the student will learn how to integrate an existing on-premises Active Directory Domain with Azure AD. Students will dive in hands-on using Azure AD Connect to synchronize users and group identities to the cloud. The modules will also include an extensive mapping of Azure AD connect with ADFS Federation and the newest Azure AD Pass-through authentication.
MODULE 3: Implementing Azure AD Domain Services
In this module, students will learn to implement Azure AD Domain Services. AD Domain Services is a cloud based service which provides managed domain activities such as domain join, group policy, LDAP, Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory. Students will have a full understanding and hands-on experience with the solution enabling the use of traditional AD application in Azure.
MODULE 4: Managing Azure Subscriptions and Resources
In this module, the student will learn features and services in used to secure Azure subscriptions and resources. Topics include subscription management for Azure EAs and implementing advanced policies and RBAC for enterprise wide Azure Governance.
MODULE 5: Implement Azure AD Premium
In this module, the student will learn Azure AD Premium SKUs and features will be examined. These include Azure AD Privileged Identity Management, Identity Protection, Conditional Access, Self-Service App & Group Management, Self-Service Password Reset with on-premises writeback, Application Proxy and as Multi-Factor Authentication.
MODULE 6: Implement Azure AD Business to Consumer (B2C) & Business to Business (B2B)
In this module, students will explore extending Azure applications to external users using Azure AD Business to Consumer (B2C), and Business to Business (B2B). Discussion will focus on enabling authentication scenarios that are in support of consumer based applications or enterprises that wish to partner with other companies.
MODULE 7: Monitoring Azure AD using AD Connect Health
In this module, students will learn to monitor Active Directory across all infrastructures using Azure AD Connect Health. Topics covered will include monitoring the sync engine & replication, monitoring DCs, setting email notifications for critical alerts. Students will also gain understanding how to monitor AD FS Proxy and Web Application Proxy Servers. Students will also learn to generate AD security and activity reports in support of securing Azure AD identities. These reports can be used for compliance purposes or to review users flagged for risk or risky logins.;