You might have missed it in all the noise, surrounding the launch of the Office Suite for iPad and the Enterprise Mobility Suite, but Microsoft also announced that yet another product will be generally available near the beginning of april. Microsoft Azure Active Directory Premium.
Where administrators already relied on Active Directory for identity and access management, Microsoft now also offers this service on a highly scalable platform, called Microsoft Azure. Organizations can extend their identity management into Windows Azure. The “Premium” feature offers a few extra features on top of MA-AD that demanding (on-premise) organizations nowadays often implement through third-party solutions or by using Microsoft’s ForeFront Identity Management solution. A major upgrade of this tool (FIM) has just been announced, and the release is forecasted for next year. Using MA-AD Premium end users can reset their password themselves when they forget it and IT departments can, set up portals containing links to various SaaS applications that can be accessed through the same login data (Single sign-on).
Below is an overview of the functionalities of MAAD Premium.
Azure Active Directory ensures that employees can authorize to different (cloud) applications with a single login name, starting their work from different browsers and from a variety of mobile devices. With the last sprint in additions to this centrialized Azure Solution, there are now over 1,200 cloud applications within the Active Directory Application Gallery. With Azure AD premium you can assign SaaS applications to groups which results in even more efficiency in your systems and application management.
Self-service password reset
Through the features mentioned above, all users can reset their own password, without the intervention of a Servicedesk. Somewhere in April 2014 there will be a release of a previeve feature ??within the GA software called “password write-back”. This feature will make sure that when a password is changed in Azure, it will get sync’ed back to its On-Premise partner.
Self-service group management
This allows departments to manage certain groups within your organization themselves, without involving/bothering IT with this work. Within the upcoming release GA (General Availability), Microsoft added policies and changes were made to enhance the experience.
With this feature, your organization can quickly and easily be secured with an extra layer of security. It is a multi–factor authentication principle (something you know and something you dynamically receive/generate), where the user needs a code next to its name and password as well. This code can be generated, using an app on a smartphone After entering the access code the user will then be authorized to access the requested service.
Mogelijkheid tot het aanpassen naar eigen smaak
With Active Directory Premium you will, to some extent, be enabled to give the portal your own “look and feel”.
Rapporteren, alarmering en analysetools
The reporting tools give you a clear understanding of potential risks and the use of cloud applications by users in your organization.
When using “Microsoft Azure Active Directory Premium“, your organization will ben entitled to use ForeFront Identity Manager (Server and Client Cal’s are included).
Microsoft Azure Active Directory Premium will be available through Microsoft’s Enterprise Agreement (EA) Volume Licensing program. Once you have AD Premium, you can manage it by going to https://manage.windowsazure.com You can experience what your users will see in the application portals , that can be foudn via https://myapps.microsoft.com.
A step-by step guid to setup Self-Service Password Reset can be found here.