Managing Identities with Microsoft Entra

Jul 13, 2024

Lecture: Managing Identities with Microsoft Entra

Introduction to Microsoft Entra

  • Purpose: Protect identities and secure network access everywhere.
  • Entra ID: Foundation for all Microsoft cloud services (Azure, Intune, M365, Dynamics).
  • Admin Center: Identities are managed in the Microsoft Entra admin center at entra.microsoft.com.

Understanding the Tenant

  • Tenant: The dedicated instance of Entra ID your organization gets, similar to renting a property in a shared building.
    • Tenant ID: Globally unique GUID that identifies your tenant.
    • Domain Name: The initial *.onmicrosoft.com name plus any custom domains you verify.
    • License Types: Free, P1 and P2 (plus Microsoft Entra ID Governance). Licenses are assigned per user: P1 is the usual baseline for general users, while P2 adds PIM and Identity Protection, so admins who will be managed through PIM need a P2 license.

Privileged Identity Management (PIM)

  • PIM: Just-in-time access. Admins are made eligible for a role and activate it only when needed, for a bounded time, instead of holding it permanently.
  • Benefits: Removes standing privileged access; activation can require MFA, a justification and approval, and every activation is logged. Requires Entra ID P2.
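The two halves of the PIM flow, as an added example that is not part of the lecture notes: an administrator grants eligibility, and later the eligible user self-activates for one hour. It assumes the Microsoft Graph PowerShell SDK, an Entra ID P2 tenant, and placeholder names (the UPN alice@contoso.example and the ticket text are made up).

```powershell
# Added example (not from the lecture): PIM eligibility followed by JIT activation.
# Assumes Microsoft Graph PowerShell SDK and Entra ID P2; the UPN below is a placeholder.
Connect-MgGraph -Scopes "RoleManagement.ReadWrite.Directory",
                        "RoleEligibilitySchedule.ReadWrite.Directory",
                        "RoleAssignmentSchedule.ReadWrite.Directory"

# Resolve the principal and the built-in role (User Administrator here).
$user = Get-MgUser -UserId "alice@contoso.example"   # placeholder UPN
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq 'User Administrator'"

# 1. Admin step: grant ELIGIBILITY for 90 days, not a standing assignment.
$eligibility = @{
    Action           = "adminAssign"
    Justification    = "Helpdesk lead needs JIT user administration"
    RoleDefinitionId = $role.Id
    DirectoryScopeId = "/"      # tenant-wide; prefer an administrative-unit scope where possible
    PrincipalId      = $user.Id
    ScheduleInfo     = @{
        StartDateTime = (Get-Date).ToUniversalTime()
        Expiration    = @{ Type = "AfterDuration"; Duration = "P90D" }
    }
}
New-MgRoleManagementDirectoryRoleEligibilityScheduleRequest -BodyParameter $eligibility

# 2. User step (run in alice's own session): activate for one hour with a justification.
#    Whether MFA or approval is demanded comes from the role's PIM settings, not from this request.
$activation = @{
    Action           = "selfActivate"
    Justification    = "Ticket 12345: reset MFA for a locked-out user"
    RoleDefinitionId = $role.Id
    DirectoryScopeId = "/"
    PrincipalId      = $user.Id
    ScheduleInfo     = @{
        StartDateTime = (Get-Date).ToUniversalTime()
        Expiration    = @{ Type = "AfterDuration"; Duration = "PT1H" }
    }
}
New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest -BodyParameter $activation

# 3. Verify: the active assignment instance exists now and disappears after EndDateTime.
Get-MgRoleManagementDirectoryRoleAssignmentScheduleInstance -Filter "principalId eq '$($user.Id)'" |
    Select-Object RoleDefinitionId, StartDateTime, EndDateTime, AssignmentType
```

The check in step 3 is the one worth keeping in a runbook: a role that is still listed with an empty EndDateTime is a permanent assignment that slipped past PIM, which is exactly what the eligibility model is meant to remove.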

Overview Tab

  • Counts: Shows users, groups, apps, and devices managed in the tenant.
  • Alerts Section: Highlights issues to be aware of.
  • Highlighted Features: To optimize tenant usage.

Properties Tab

  • Customization: Tenant name, country/region and technical contact.
    • Data Location: Follows from the country/region chosen when the tenant is created and cannot be changed afterwards, so choose it deliberately; it is critical for data sovereignty.

Access Management for Azure Resources

  • Purpose: A toggle on the Properties tab that lets a Global Administrator elevate to the User Access Administrator role at the root scope ("/") of every Azure subscription and management group in the tenant. Global Administrators have no Azure resource permissions by default; this toggle is how they obtain them.
  • Identity Source: Azure RBAC trusts Entra ID; every principal assigned to an Azure resource comes from the tenant the subscription is bound to.
  • User Access Administrator Role: Used to reclaim subscriptions nobody can administer or to set up tenant-wide access. Treat it as a break-glass control: the elevation does not expire on its own, so remove it as soon as the task is done.
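The same toggle driven from the Az PowerShell module, as an added example that is not part of the lecture: elevate, confirm the root-scope assignment, use it to reclaim a subscription, then remove it. It assumes the signed-in account is a Global Administrator and that $subId is a placeholder subscription ID.

```powershell
# Added example (not from the lecture): "Access management for Azure resources" via Az PowerShell.
# Assumes a Global Administrator session; $subId is a placeholder subscription ID.
Connect-AzAccount
$subId = "00000000-0000-0000-0000-000000000000"   # placeholder

# 1. Elevate. Same effect as switching the toggle on in the tenant's Properties tab.
Invoke-AzRestMethod -Method POST -Path "/providers/Microsoft.Authorization/elevateAccess?api-version=2016-07-01"

# 2. Confirm a User Access Administrator assignment now exists at the root scope "/".
#    If it does not show up, sign out and back in so the new token reflects the assignment.
$me = (Get-AzContext).Account.Id
Get-AzRoleAssignment -SignInName $me -Scope "/" |
    Where-Object RoleDefinitionName -eq "User Access Administrator"

# 3. Use it for its purpose: regain Owner on a subscription nobody can administer.
New-AzRoleAssignment -SignInName $me -RoleDefinitionName "Owner" -Scope "/subscriptions/$subId"

# 4. Remove the elevation immediately afterwards; it does not expire on its own.
Remove-AzRoleAssignment -SignInName $me -RoleDefinitionName "User Access Administrator" -Scope "/"

# 5. Re-run the check from step 2: the list should now be empty.
Get-AzRoleAssignment -SignInName $me -Scope "/" |
    Where-Object RoleDefinitionName -eq "User Access Administrator"
```

Step 1 is recorded in the Entra directory audit log, so a detection rule on that event plus a periodic query for root-scope User Access Administrator assignments (step 5) catches elevations that were never cleaned up.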

User Management

  • User Types: Cloud-native (created directly in Entra ID), synced from on-premises Active Directory, and guest users invited through B2B collaboration. Consumer-facing (B2C) identities live in a separate customer tenant, not in the workforce tenant.
  • Attribute and Access Assignment: Assign permissions, roles and administrative-unit membership to users; scope roles to an administrative unit where possible rather than to the whole tenant.

Creating Users

  • UPN, Display Name, Password: Basic requirements for new user creation. The UPN suffix must be a verified domain of the tenant, and the initial password should be set to be changed at first sign-in.
  • Permissions Assignment: By administrative unit, group, or direct role. Prefer group membership and PIM eligibility over direct, standing role assignments.
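The procedure above from end to end, as an added example that is not part of the lecture notes: create a cloud-native user and then grant access by administrative unit, by group, and by a directly assigned role scoped to that administrative unit. It assumes the Microsoft Graph PowerShell SDK; the domain contoso.example, the "Finance AU" administrative unit and the "Finance-Analysts" group are placeholders that must already exist.

```powershell
# Added example (not from the lecture): create a user, then assign access three ways.
# Assumes Microsoft Graph PowerShell SDK; domain, AU and group names are placeholders.
Connect-MgGraph -Scopes "User.ReadWrite.All", "Group.ReadWrite.All",
                        "AdministrativeUnit.ReadWrite.All", "RoleManagement.ReadWrite.Directory"

# 1. Create the user with a random initial password that must be changed at first sign-in.
#    Never hard-code a real password in a script. 24 random bytes -> 32 Base64 characters.
$bytes = [byte[]]::new(24)
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
$initialPassword = [Convert]::ToBase64String($bytes)

$user = New-MgUser -UserPrincipalName "bob.ng@contoso.example" `
    -DisplayName "Bob Ng" -MailNickname "bob.ng" -AccountEnabled `
    -PasswordProfile @{ Password = $initialPassword; ForceChangePasswordNextSignIn = $true } `
    -UsageLocation "US" -Department "Finance"

# 2a. Administrative unit: lets AU-scoped admins manage Bob without tenant-wide rights.
$au = Get-MgDirectoryAdministrativeUnit -Filter "displayName eq 'Finance AU'"
New-MgDirectoryAdministrativeUnitMemberByRef -AdministrativeUnitId $au.Id `
    -BodyParameter @{ "@odata.id" = "https://graph.microsoft.com/v1.0/users/$($user.Id)" }

# 2b. Group: the preferred way to grant permissions, since access follows the group.
$group = Get-MgGroup -Filter "displayName eq 'Finance-Analysts'"
New-MgGroupMember -GroupId $group.Id -DirectoryObjectId $user.Id

# 2c. Direct role, least preferred (use PIM eligibility where P2 is licensed). Scoping the
#     assignment to the AU means the role only covers AU members, not the whole tenant.
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq 'Password Administrator'"
New-MgRoleManagementDirectoryRoleAssignment -PrincipalId $user.Id -RoleDefinitionId $role.Id `
    -DirectoryScopeId "/administrativeUnits/$($au.Id)"

# 3. Review what the new user ended up with (groups, AUs and roles all appear here).
Get-MgUserMemberOf -UserId $user.Id | ForEach-Object { $_.AdditionalProperties['displayName'] }
```

The initial password is handed to the user out of band and is useless after first sign-in because of ForceChangePasswordNextSignIn; the script deliberately never writes it to a log or file.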

Syncing Users

  • Cloud Sync vs. Connect Sync:
    • Connect Sync (Microsoft Entra Connect): Older; a full sync engine installed on a Windows Server on-premises and configured locally. Still needed for some scenarios that Cloud Sync does not yet cover.
    • Cloud Sync (Microsoft Entra Cloud Sync): Newer; a lightweight provisioning agent on-premises with all configuration held in the cloud. Multiple agents can be installed for high availability, and it can serve disconnected AD forests.

Group Management

  • Group Types: Security groups (permissions, access control, licensing) and Microsoft 365 groups (collaboration; come with a shared mailbox, SharePoint site and optionally a Team).
  • Group Creation: Name, description, membership type (assigned or dynamic), owners, and optionally the "Microsoft Entra roles can be assigned to the group" setting, which can only be chosen at creation time.
  • Dynamic Groups: Membership calculated automatically from a rule over user or device attributes (e.g. department); requires Entra ID P1 and cannot be role-assignable.
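A dynamic security group built from a membership rule, as an added example that is not part of the lecture notes. It assumes the Microsoft Graph PowerShell SDK and an Entra ID P1 tenant; the group name, the department value and the UPN used for the membership check are placeholders.

```powershell
# Added example (not from the lecture): dynamic security group with a rule check.
# Assumes Microsoft Graph PowerShell SDK and Entra ID P1; names below are placeholders.
Connect-MgGraph -Scopes "Group.ReadWrite.All", "User.Read.All"

# The rule restricts membership to enabled *members* of the Finance department.
# Without the userType clause, any B2B guest whose department attribute is set to
# "Finance" would be pulled in automatically, which is a common over-grant.
$rule = '(user.department -eq "Finance") and (user.accountEnabled -eq true) and (user.userType -eq "Member")'

$group = New-MgGroup -DisplayName "Finance-All-Dynamic" -MailNickname "finance-all-dyn" `
    -MailEnabled:$false -SecurityEnabled `
    -GroupTypes @("DynamicMembership") `
    -MembershipRule $rule -MembershipRuleProcessingState "On"

# Membership is computed asynchronously; confirm the rule is being processed.
Get-MgGroup -GroupId $group.Id -Property "membershipRuleProcessingState,membershipRule" |
    Select-Object MembershipRuleProcessingState, MembershipRule

# Ask the directory whether one specific user would match the rule, without waiting
# for the next evaluation pass. Returns membershipRuleEvaluationResult = true/false.
$candidate = Get-MgUser -UserId "bob.ng@contoso.example"   # placeholder UPN
Invoke-MgGraphRequest -Method POST `
    -Uri "https://graph.microsoft.com/v1.0/groups/$($group.Id)/evaluateDynamicMembership" `
    -Body @{ memberId = $candidate.Id }

# Once processing completes, list the members the rule produced.
Get-MgGroupMember -GroupId $group.Id -All |
    ForEach-Object { $_.AdditionalProperties['userPrincipalName'] }
```

Because the rule is the access-control decision, review it with the same care as a role assignment: anyone who can write the department attribute (an on-premises HR feed via sync, or a User Administrator) can place a user into this group.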

Authentication and Security

  • Deep Dive Available: Further details on authentication and security provided in additional resources.