Getting the best out of Azure AD

Hi, I spent some time with a customer yesterday who had a particular requirement around securing access to Office 365.  After a quick discussion it emerged they had paid for Azure AD Premium (via EMS licensing) but weren’t using key features that would help address their requirement.  After 10 mins of walking through Azure AD…


Azure AD – Ignite 2017 Announcement Summary

Hi, With the masses of information coming out of Ignite 2017 last week, I thought i’d throw together a quick summary of the key Azure AD announcements for your perusal. Some really great announcements and major enhancements in Conditional Access. Pass Through Authentication (PTA) is now generally available –  This feature has been in preview…


Getting Ready for Microsoft Cloud Identity – AAD Connect

Hi, The process to deploy AADConnect is a well-trodden path and there is lots of installation guidance out there.  This post is going to go into to a little more detail on deployment considerations and the options you are presented with during the installation. Build Number – AADConnect is regularly updated with new features. At…


Getting Ready for Microsoft Cloud Identity – Directory Preparation

Hi, A critical factor in the successful deployment of Microsoft Cloud Identity components is getting your on-premises Active Directory in order. Customers I work with generally have little problems getting AADConnect and\or AD FS deployed, but sometimes do miss some of the required directory remediation to ensure the deployment goes smoothly. For this reason I…


AADConnect – Multi Forest Synchronisation Planning

Hi, I mentioned in a previous post that I would go into further detail on the Multi-Forest synchronisation scenarios. I’m a man of my word so here it is. 🙂 With consolidation, mergers and acquisitions common place in today’s world, the Multi Forest capabilities of AADConnect are heavily utilised by customers. Customers really value these…


Cloud Identity Overview – Part 3 (Synchronisation)

Part 3 – Synchronisation As you will have read I have mentioned the reliance on an appliance named “AADConnect” for synchronisation of users, groups and contacts to Azure AD. So what is this synchronisation and why do we need it?. In a nutshell synchronisation is required for the following reasons. Provide on-premises integration – enables…


Cloud Identity Overview – Part 2 (Authorisation)

Part 2 – Authorisation Authentication is the process to validate that an individual is who they say they are. Authorisation extends this to determine what are they allowed to access given what we know about the user at that point. As we move into an era of working anywhere, on any device at any time,…


Cloud Identity Overview – Part 1 (Authentication)

Hi, I spend a lot of time with customers talking about Cloud Identity so I thought I’d put together a series of posts that provide an overview of the Microsoft Cloud Identity Story. In these posts I will aim to provide an overview of the technologies, describe the deployment options and answer frequently asked questions I get from customers….