Hybrid Identity with Windows AD and Azure AD (Entra ID)
What you'll learn
- Understand Microsoft’s different directory services and their intended use.
- Identify requirements to prepare a Windows AD domain for identity synchronization.
- Deploy a hybrid identity solution using Azure AD Connect Sync.
- Become familiar with tasks for ongoing management of a Hybrid Identity solution to maintain a secure and reliable environment.
- Complete a case study in a hands-on lab that walks through steps to deploy a hybrid environment between Windows AD and Azure AD.
- An Azure AD Tenant and Subscription. An optional lab is included in order to create one, if needed.
- A publicly routable domain name with access to public DNS records.
- Azure AD P1 or P2 license. Included is a that shows how to use a trial license for those who qualify.
- A mobile device with the Microsoft Authenticator App.
- A basic understanding of Windows AD.
- Knowledge of PowerShell is helpful but not required.
Are you starting your cloud journey and want to learn more about Azure AD? Are you an experienced IT Professional expanding your knowledge to include Microsoft’s cloud native identity solution? Are you interested in proving your cloud skills with one of Microsoft’s Azure certifications? Or, are you simply interested in learning how to synchronize your Windows AD identities to Azure AD? If any of the above apply, then this course is for you.
This course starts with the basics, an understanding of Microsoft’s different Active Directory Solutions; Windows AD, Azure AD and Azure AD Domain Services. After that, we go deep into the requirements of implementing a Hybrid Identity solution that synchronizes users and devices from Windows AD to Azure AD. We then move onto common configuration and management tasks to support a secure and reliable Hybrid Identity solution.
This course uses a combination of lectures to help the student comprehend key concepts followed by a hands-on lab to put the concepts in practice. The mix of lectures and labs helps the student understand concepts, and build confidence in applying the concepts in real-world situations.
Hybrid Identity with Windows AD and Azure AD is intended to give students the knowledge to implement and maintain a hybrid identity solution with Azure AD. This course can also be used as a study guide, covering the skills measured in the following exams:
AZ-900 Microsoft Azure Fundamentals
Describe identity, governance, privacy, and compliance features
Define Azure Active Directory
Describe the functionality and usage of Azure Active Directory
Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)
AZ-104 Microsoft Azure Administrator
Manage Azure identities and governance
Create users and groups
Manage user and group properties
Manage device settings
Configure Azure AD join
Configure self-service password reset
Provide access to Azure resources by assigning roles at different scopes
AZ-303 Microsoft Azure Architect Technologies
Implement Azure Active Directory
Add custom domains
Implement self-service password reset
Implement Conditional Access including MFA
Configure verification methods
Implement and manage hybrid identities
Install and configure Azure AD Connect
Identity synchronization options
Configure and manage password sync and password writeback
Configure single sign-on
Configure Azure AD Connect cloud sync
Use Azure AD Connect Health
AZ-304 Microsoft Azure Architect Design
Recommend a solution for single-sign on
Recommend a solution for authentication
Recommend a solution for Conditional Access, including multi-factor authentication
Recommend a solution for a hybrid identity including Azure AD Connect, Azure AD Connect cloud sync and Azure AD Connect Health
Recommend a solution for user self-service
This course requires a lab that includes a Windows AD Domain and a Windows client. There is an option to create these in your own lab environment. Alternatively, a lab can be created in Azure for the purposes of this course. In most cases, an introductory Azure credit will cover costs to run the course lab in Azure. Steps are taken in the labs to keep costs at a minimum.
Azure AD is a global service, and impending Hybrid Identity with Azure AD requires a publicly routable domain name to locate organizational resource in the domain. A publicly routable domain name with access to external DNS is required for this course. The public domain cannot be part of an existing Azure AD tenant. Public domain names can be acquired through a registrar for a nominal fee.
Who this course is for:
- Anyone getting started with Azure or Azure Active Directory.
- IT Professionals who are currently, or planning to support hybrid Windows AD and Azure AD environments.
- Anyone preparing for Microsoft Certification AZ-900, AZ-104, AZ-500, AZ-303 or AZ-304.
Travis Roberts is a Cloud Infrastructure Architect based in Minneapolis, Minnesota. Travis has 20 years of IT experience in the legal, pharmaceutical, and marketing industries, and has worked with IT hardware manufacturers and managed service providers. Travis is a Microsoft Certified Trainer and has held numerous technical certifications throughout his career from Microsoft, VMware, Citrix, and Cisco.
Travis is active in the Minneapolis area Microsoft Azure community and online. Travis is a board member of the Minneapolis Azure User Group. He maintains a blog and YouTube channel on multiple Azure services.