What this book covers
Chapter 1 , Getting Started with a Cloud-Only Scenario, explains the main features and licensing information, including some basic cost calculations for such an approach. The challenging aspects with security and legal requirements will round off this chapter.
Chapter 2 , Planning and Designing Cloud Identities, teaches everything you need in order to understand and design identities for a cloud-only architecture. Starting with understanding the user and group life cycles, you will learn how to design roles and administrative units for Role-Based Access Control.
Chapter 3 , Planning and Designing Authentication and Application Access, teaches you how to design Azure AD as an identity provider and how to provide flexible and secure access to SaaS applications. Furthermore, you will learn about the rich authentication reporting functionality.
Chapter 4 , Building and Configuring a Suitable Azure AD, explains how to configure a suitable Azure AD tenant based on the appropriate architecture. You will also learn how to configure and manage users, groups, roles, and administrative units to provide user- and group-based application and self-service access, including the audit functionality.
Chapter 5 , Shifting to a Hybrid Scenario, explores all the necessary information for a transition process into a hybrid Identity and Access Management architecture with a single or multi-forest on-premise Active Directory environment. You will be able to describe the necessary architecture changes and relevant tasks to provide a successful solution shift.
Chapter 6, Extending to a Basic Hybrid Environment, guides you through all the business-relevant information to plan and make the right decisions for a hybrid approach. You will learn to adopt the correct features, licensing models, and security strategy for the typical legal requirements.
Chapter 7, Designing the Hybrid Identity Management Architecture, teaches you how to take advantage of managing common identities with Microsoft Identity Manager 2016 and to build cloud identities with the Azure AD Connect utility. You will also explore all the various functions for Identities by building a solid hybrid Identity Management solution.
Chapter 8, Planning the Authorization and Information Protection Options, explores the various functions for authorization and information protection for building a solid hybrid Access Management solution. Furthermore, you will get in touch with risk-based access control and the future functionality of Windows Server 2016.
Chapter 9, Building Cloud from Common Identities, teaches you how to configure and manage the Identity Synchronization and Federation environment. You will also be able to include on-premise applications and Multi-Factor Authentication.
Chapter 10 , Implementing Access Control Mechanisms, teaches you how to configure access-control mechanisms in the hybrid environment. You will configure Multi-Factor Authentication, Conditional Access, and Information Protection scenarios to apply the required security functionality.
Chapter 11, Managing Transition Scenarios with Special Scenarios, guides you through the transition process and principles for moving to a cloud-only or multi-forest approach. Additionally, you will learn how to identify the right strategy to decide the correct direction of a coming project. Furthermore, an effective change-management process will be discussed in this chapter.
Chapter 12, Advanced Considerations for Complex Scenarios, discusses complex and hybrid Identity and Access Management scenarios and teaches you all the necessary features and licensing models to go ahead. You will learn to understand the special business requirements and security and legal requirements in a complex hybrid infrastructure.
Chapter 13, Delivering Multi-Forest Hybrid Architectures, teaches you the capabilities of directory synchronization and single-sign on over different Active Directory forests. You will also learn about Identity Management over company borders, such as in Business-to-Customer (B2C) and Business-to-Business (B2B) scenarios. Furthermore, you will learn how to enhance the management of identities, authentication, and authorization.
Chapter 14 , Installing and Configuring the Enhanced Identity Infrastructure, teaches you how configure and manage a Multi-Forest Synchronization and Single-Sign-On high available identity and access management environment based on AAD Connect and ADFS in order to provide the required infrastructure for several use cases in a hybrid identity and access-management solution. You will also work with capabilities across company borders and publish the most common on-premise services.
Chapter 15, Installing and Configuring Information Protection Features, shows you how to configure information protection features with Azure RMS to secure access to sensitive data in order to provide an extended access-management solution. You will configure and publish custom Rights Policy templates, use RMS logging, and get a first view of the new Azure Information Protection capabilities.
Chapter 16, Choosing the Right Transition, Method, and Future Trends, is the final destination of our journey, where we will discuss additional information that will help you manage several cloud scenarios and support new initiatives. We will jump into some upcoming features and innovations of Microsoft.