Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service, which helps your employees sign in and access external resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications.
Windows AD vs. Azure AD
Active Directory consists of several services that run on Windows Server, managing user access to networked resources. Though Azure AD and Windows AD both manage user accounts, they use different authentication protocols and code bases. Therefore, Azure AD is not simply the cloud-based counterpart of Windows AD.
Azure Active Directory
- Azure AD is designed for web-based services. Azure AD supports services that use REST APIs for online cloud-based apps such as Office 365.
- Azure AD uses protocols such as SAML and OAuth 2.0. It does not support NTLM, Kerberos or LDAP.
- Azure AD uses Azure Policy, as opposed to Group Policy in Windows AD.
- Azure AD has a flat directory structure.
- Azure AD Join, which links to PCs, can only be used with Windows 10.
Users and Groups
Users and groups are the basic building blocks for Azure AD. You can organize users into groups whose members are all treated the same way. For example, you may put your Product Management team in one Azure AD group and grant permissions at the group level, so when a user leaves the organization, you only need to deactivate that one account, and the rest of the group stays the same.
Adding Users and Groups to Azure AD
There are several methods to populate your users and groups in Azure AD:
- Use Azure AD Connect to sync users from Windows AD to Azure AD.
- You can create users manually in the Azure AD Management Portal.
- You can script the process to add new users with PowerShell.
- Or you could program the process with the Azure AD Graph API.
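The PowerShell route, together with the group-level permission and single-account deactivation idea from the Users and Groups section, as an added example that is not part of the original article. It assumes the AzureAD PowerShell module and an account permitted to manage users and groups; the tenant domain, user names, and the helper functions `New-InitialPassword` and `Disable-Leaver` are hypothetical.

```powershell
# Added example, not from the article. Assumes the AzureAD PowerShell module
# and an account allowed to manage users and groups. Names are constructed.
Import-Module AzureAD
Connect-AzureAD | Out-Null

$groupName = 'Product Management'        # group from the article's example
$domain    = 'contoso.onmicrosoft.com'   # placeholder tenant domain
$newUsers  = @(                          # constructed sample input
    @{ DisplayName = 'Alex Example'; Nick = 'alex.example' },
    @{ DisplayName = 'Sam Sample';   Nick = 'sam.sample' }
)

function New-InitialPassword {           # hypothetical helper
    # 24 bytes from the OS CSPRNG; the fixed suffix only guarantees that the
    # upper/lower/digit/symbol character classes are all present.
    $bytes = New-Object byte[] 24
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($bytes) } finally { $rng.Dispose() }
    return [Convert]::ToBase64String($bytes) + 'aA1!'
}

# Reuse the group if it exists, otherwise create it as a security group.
$group = Get-AzureADGroup -Filter "DisplayName eq '$groupName'" | Select-Object -First 1
if (-not $group) {
    $group = New-AzureADGroup -DisplayName $groupName -MailEnabled $false `
        -SecurityEnabled $true -MailNickName 'ProductManagement'
}

$created = foreach ($u in $newUsers) {
    $pwProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
    $pwProfile.Password = New-InitialPassword
    $pwProfile.ForceChangePasswordNextLogin = $true   # one-time password only
    $user = New-AzureADUser -DisplayName $u.DisplayName -MailNickName $u.Nick `
        -UserPrincipalName "$($u.Nick)@$domain" -AccountEnabled $true `
        -PasswordProfile $pwProfile
    Add-AzureADGroupMember -ObjectId $group.ObjectId -RefObjectId $user.ObjectId
    # Hand the initial password over a secure channel; do not write it to logs.
    [pscustomobject]@{ Upn = $user.UserPrincipalName; InitialPassword = $pwProfile.Password }
}

function Disable-Leaver {                # hypothetical helper
    param([Parameter(Mandatory)][string]$UserPrincipalName)
    # Disable the one account and invalidate its refresh tokens; the group is untouched.
    $user = Get-AzureADUser -ObjectId $UserPrincipalName
    Set-AzureADUser -ObjectId $user.ObjectId -AccountEnabled $false
    Revoke-AzureADUserAllRefreshToken -ObjectId $user.ObjectId
}
```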
There are three types of audiences in Azure Active Directory:
- IT administrators
- Application developers
- Online customers
IT administrators take care of all the sign-in procedures. They also solve issues related to authentication.
Application developers use these services to build applications. Development becomes quick since there are many resources available.
Online customers make use of services like Office 365 and CRM services, and have all their demands catered to immediately.