Plan Your Identity & Authentication Solution (part 2)

 



To read part 1, please click here 
To read part 3, please click here




Directory Synchronization

Directory synchronization is the synchronization of directory identities or objects (users, groups, contacts, and computers) between two different directories, such as your on-premises AD environment and Azure AD, which supports online services like Microsoft 365. In Microsoft 365, directory synchronization generally runs in one direction (from on-premises to Azure AD), but some features in Azure AD Connect permit it to write back specific objects and attributes to the on-premises directory, creating a sort of two-way synchronization.

If you integrate your on-premises directories with Azure AD, your users become more productive because they spend less time typing passwords to access both cloud and on-premises resources. Users and organizations gain the following advantages from this integration:

  • Hybrid identity - A common hybrid identity can be offered across on-premises and cloud-based services, along with consistent group membership, by leveraging AD and then connecting it to Azure AD.

  • AD policies - Administrators can use the policies set through AD to provide conditional access based on application resource, device and user identity, network location, and multi-factor authentication, without performing any additional tasks in the cloud.

  • Leverage identity - Users can readily leverage their common identity through their accounts in Azure AD to access Office 365, Intune, SaaS apps, and non-Microsoft applications.

  • Single sign-on (SSO) - User identities and information are protected because all the servers and services used in SSO are mastered and controlled on-premises, which gives the security team confidence.

  • Multi-factor authentication (MFA) - The security team will have more confidence if it has the option to use strong authentication, also known as multi-factor authentication (MFA), with the cloud service.

  • Common identity model - Developers can build applications that leverage the common identity model by integrating them into on-premises AD (for example, Azure AD App Proxy or Azure for cloud-based applications).








