Azure Active Directory in 2 min
This is a headline summary for anyone who needs to know the components and services in Azure Active Directory.
💡Azure AD Connect
✹Integrates an organisation's on-premises Active Directory with Azure Active Directory, enabling hybrid identity control.
A few of its features are listed below.
▶ Password hash sync -> Syncs accounts between on-premises AD and Azure AD. The password hash is compared in Azure AD.
▶ Pass-through authentication -> Validation happens at the on-premises Active Directory. The user uses the same user name and password.
▶ Federation integration -> Used if authentication needs to be handled by a third party.
▶ Health monitoring -> AD Connect monitoring checks the health of the sync and, if enabled, user account leakage on the dark web as well.
💡Azure Privileged Identity Management (PIM)
✹This service provides just-in-time access to Azure resources. Access can be set up with time-based and approval-based activation.
✹This can be used for granting access to critical resources in Azure.
💡Azure AD Health Check
✹Azure AD can be configured to report on the implementation of recommended practices. This can be customised to ignore recommendations based on the organisation's needs.
✹An agent must be running on each domain controller.
💡Azure Audit Logs
✹The Azure portal has Azure audit logs. If enabled, they show who made changes to Azure resources, as well as changes to user groups, roles and policies.
✹Audit logs do not allow monitoring of Azure AD Connect syncing errors.
💡Azure Access Review
✹This allows user access to be reviewed periodically so that the right people have access to resources.