Azure Active Directory Solutions for Identity and Access Management

February 2015

Copyright

The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document.

Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The descriptions of other companies' products in this document, if any, are provided only as a convenience to you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as thorough coverage.

For authoritative descriptions of these products, please consult their respective manufacturers. © 2015 Microsoft Corporation. All rights reserved. Any use or distribution of these materials without express authorization of Microsoft Corp. is strictly prohibited. Microsoft, Azure, Active Directory, Office 365, SharePoint, Windows, Microsoft Intune, Windows PowerShell, Windows Server, and Xbox Live are either registered trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Contents

Introduction
Organizations face identity challenges when doing business in new ways
Digital identities are at the core of IT-related services
Hybrid and cloud-based identity services provide
Azure Active Directory is a comprehensive service
Benefits and capabilities of Azure Active Directory
Improve operation, experience, and auditing of on-premises and cloud applications
Save time managing Office 365 for hybrid enterprises
Improve security through analytics and intelligence
Simplify administration of identity-related tasks and improve the user experience
Improve efficiency of managing the user lifecycle
Increase developer focus on core functionality of applications
Features of Azure Active Directory
Business scenarios and solutions
Extend Office 365 to enable new solutions
Enable mobile information workers to access applications
Enable workers in many environments to access applications
Enable partners and vendors to access applications
Streamline mergers and acquisitions
Support governance, risk management, and compliance
Examples of organizations using Azure Active Directory
Architecture patterns for Azure AD identity solutions
Standard hybrid
User provisioning for the standard hybrid enterprise
Using Azure AD as the enterprise directory
Mostly cloud
Business partner access
Mergers and acquisitions
Standardized identities
User principal name (UPN) patterns
Considerations for mobility solutions
Conclusion

Introduction

Many organizations are considering the most effective and valuable way to invest in cloud services to modernize, control costs, and enable new capabilities and scenarios. Cloud-based scenarios often require new solutions to provide identity and access management capabilities. This paper presents a collection of common scenarios and discusses the ways Azure Active Directory (Azure AD) provides a comprehensive solution that addresses identity and access management requirements for on-premises and cloud applications, including Office 365 and a world of non-Microsoft SaaS applications.
You can use this paper to help plan and prepare for using cloud services in your organization.

Organizations face identity challenges when doing business in new ways

Many organizations are migrating applications, data, and services to the cloud to avoid the costs of building and operating data centers. To remain competitive and relevant, organizations are retooling their business processes and workflows. As email has become a less useful means for collaboration between employees, vendors, and customers, businesses are looking towards new cloud-based collaboration solutions.
Organizations also need to meet the expectations of a mobile workforce, with device preferences, flexible schedules, and a desire to use social media. To increase productivity and agility, many businesses are enabling employees to access applications and data anywhere, anytime. When businesses modernize, they often find shortcomings in infrastructure as well as in governance. Challenges presented by an inadequate identity infrastructure impact administration tasks, limit the types of solutions that an IT department can provide to an organization, complicate workflows, and hinder productivity.