Hybrid Identity with Windows AD and Azure AD
Are you starting your cloud journey and want to learn more about Azure AD? Are you an experienced IT Professional expanding your knowledge to include Microsoft’s cloud native identity solution? Are you interested in proving your cloud skills with one of Microsoft’s Azure certifications? Or, are you simply interested in learning how to synchronize your Windows AD identities to Azure AD? If any of the above apply, then this course is for you.
This course starts with the basics, an understanding of Microsoft’s different Active Directory Solutions; Windows AD, Azure AD and Azure AD Domain Services. After that, we go deep into the requirements of implementing a Hybrid Identity solution that synchronizes users and devices from Windows AD to Azure AD. We then move onto common configuration and management tasks to support a secure and reliable Hybrid Identity solution.
This course uses a combination of lectures to help the student comprehend key concepts followed by a hands-on lab to put the concepts in practice. The mix of lectures and labs helps the student understand concepts, and build confidence in applying the concepts in real-world situations.
Hybrid Identity with Windows AD and Azure AD is intended to give students the knowledge to implement and maintain a hybrid identity solution with Azure AD. This course can also be used as a study guide, covering the skills measured in the following exams:
AZ-900 Microsoft Azure Fundamentals
- Describe identity, governance, privacy, and compliance features
- Define Azure Active Directory
- Describe the functionality and usage of Azure Active Directory
- Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)
AZ-104 Microsoft Azure Administrator
Manage Azure identities and governance
- Create users and groups
- Manage user and group properties
- Manage device settings
- Configure Azure AD join
- Configure self-service password reset
- Provide access to Azure resources by assigning roles at different scopes
AZ-303 Microsoft Azure Architect Technologies
Implement Azure Active Directory
- Add custom domains
- Implement self-service password reset
- Implement Conditional Access including MFA
- Configure verification methods
Implement and manage hybrid identities
- Install and configure Azure AD Connect
- Identity synchronization options
- Configure and manage password sync and password writeback
- Configure single sign-on
- Configure Azure AD Connect cloud sync
- Use Azure AD Connect Health
AZ-304 Microsoft Azure Architect Design
- Recommend a solution for single-sign on
- Recommend a solution for authentication
- Recommend a solution for Conditional Access, including multi-factor authentication
- Recommend a solution for a hybrid identity including Azure AD Connect, Azure AD Connect cloud sync and Azure AD Connect Health
- Recommend a solution for user self-service
This course requires a lab that includes a Windows AD Domain and a Windows client. There is an option to create these in your own lab environment. Alternatively, a lab can be created in Azure for the purposes of this course. In most cases, an introductory Azure credit will cover costs to run the course lab in Azure. Steps are taken in the labs to keep costs at a minimum.
Azure AD is a global service, and impending Hybrid Identity with Azure AD requires a publicly routable domain name to locate organizational resource in the domain. A publicly routable domain name with access to external DNS is required for this course. The public domain cannot be part of an existing Azure AD tenant. Public domain names can be acquired through a registrar for a nominal fee.
Who this course is for:
- Anyone getting started with Azure or Azure Active Directory.
- IT Professionals who are currently, or planning to support hybrid Windows AD and Azure AD environments.
- Anyone preparing for Microsoft Certification AZ-900, AZ-104, AZ-500, AZ-303 or AZ-304.
- An Azure AD Tenant and Subscription. An optional lab is included in order to create one, if needed.
- A publicly routable domain name with access to public DNS records.
- Azure AD P1 or P2 license. Included is a that shows how to use a trial license for those who qualify.
- A mobile device with the Microsoft Authenticator App.
- A basic understanding of Windows AD.
- Knowledge of PowerShell is helpful but not required.
Last Updated 10/2021