Hybrid Identity with Windows AD and Azure AD (Entra ID)

Are you starting your cloud journey and want to learn more about Azure AD? Are you an experienced IT Professional expanding your knowledge to include Microsoft’s cloud native identity solution? Are you interested in proving your cloud skills with one of Microsoft’s Azure certifications? Or, are you simply interested in learning how to synchronize your Windows AD identities to Azure AD? If any of the above apply, then this course is for you.

This course starts with the basics, an understanding of Microsoft’s different Active Directory Solutions; Windows AD, Azure AD and Azure AD Domain Services. After that, we go deep into the requirements of implementing a Hybrid Identity solution that synchronizes users and devices from Windows AD to Azure AD. We then move onto common configuration and management tasks to support a secure and reliable Hybrid Identity solution.

This course uses a combination of lectures to help the student comprehend key concepts followed by a hands-on lab to put the concepts in practice. The mix of lectures and labs helps the student understand concepts, and build confidence in applying the concepts in real-world situations.

Hybrid Identity with Windows AD and Azure AD is intended to give students the knowledge to implement and maintain a hybrid identity solution with Azure AD. This course can also be used as a study guide, covering the skills measured in the following exams:

AZ-900 Microsoft Azure Fundamentals

• Describe identity, governance, privacy, and compliance features

• Define Azure Active Directory

• Describe the functionality and usage of Azure Active Directory

• Describe the functionality and usage of Conditional Access, Multi-Factor Authentication (MFA), and Single Sign-On (SSO)

AZ-104 Microsoft Azure Administrator

Manage Azure identities and governance

• Create users and groups

• Manage user and group properties

• Manage device settings

• Configure Azure AD join

• Configure self-service password reset

• Provide access to Azure resources by assigning roles at different scopes

AZ-303 Microsoft Azure Architect Technologies

Implement Azure Active Directory

• Add custom domains

• Implement self-service password reset

• Implement Conditional Access including MFA

• Configure verification methods

Implement and manage hybrid identities

• Install and configure Azure AD Connect

• Identity synchronization options

• Configure and manage password sync and password writeback

• Configure single sign-on

• Configure Azure AD Connect cloud sync

• Use Azure AD Connect Health

AZ-304 Microsoft Azure Architect Design

Design authentication

• Recommend a solution for single-sign on

• Recommend a solution for authentication

• Recommend a solution for Conditional Access, including multi-factor authentication

• Recommend a solution for a hybrid identity including Azure AD Connect, Azure AD Connect cloud sync and Azure AD Connect Health

• Recommend a solution for user self-service

This course requires a lab that includes a Windows AD Domain and a Windows client. There is an option to create these in your own lab environment. Alternatively, a lab can be created in Azure for the purposes of this course. In most cases, an introductory Azure credit will cover costs to run the course lab in Azure. Steps are taken in the labs to keep costs at a minimum.

Azure AD is a global service, and impending Hybrid Identity with Azure AD requires a publicly routable domain name to locate organizational resource in the domain. A publicly routable domain name with access to external DNS is required for this course. The public domain cannot be part of an existing Azure AD tenant. Public domain names can be acquired through a registrar for a nominal fee.