Windows 10 is an exciting release from an Identity point of view with many new additions like Azure Active Directory Join, Web Account Manager, Microsoft Passport, and Windows Hello. This session is a high-level overview of the new Identity features and how they fit with each other. The viewers are expected to walk away with a clear mental model for user Identity on Windows 10.
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Build 2016 - P494 - Windows 10 Identity Overview
1.
2.
3. of employees use personal
devices for work purposes.*
of employees that typically
work on employer premises,
also frequently work away
from their desks.***
of all software will be available
on a SaaS delivery by 2020.**
66% 25% 33%
*CEB The Future of Corporate ITL: 203-2017. 2013.
**Forrester Application Adoption Trends: The Rise Of SaaS
***CEB IT Impact Report: Five Key Findings on Driving Employee Productivity Q1 2014.
6. Self-service setup & sign in with Azure AD account
Ideal for users who primarily access Office365 & Cloud apps
Automatic enrollment to MDM
Also available on Windows Phone 10!
Domain Join only better: Connected to Azure AD
Great for hybrid orgs with deployment processes in-place
Use of existing on-premises management solutions
Domain Join
Azure AD
Join
Org owned devices – Two models
7. Self-service setup & sign in with Azure AD account
Ideal for users who primarily access Office365 & Cloud apps
Automatic enrollment to MDM
Add a Work
Account
Personally owned devices – One model
9. Requirement Domain Join Azure AD Join Add a Work Account
Ownership Organization Organization Personal
Provisioning Prepared by IT Self configure in OOBE Self configure in Settings>>Accounts
Management Existing management solutions
(e.g. SCCM, GP, etc.)
MDM MDM
Resources SSO to enterprise resources hosted on-
premises and in the cloud
SSO to enterprise resources in the cloud,
and to on-premises resources exposed via
Proxy
SSO to enterprise resources in the cloud.
Deployment Traditional work place Seasonal workers, CYOD BYOD
Devices PCs and Tablets PCs, Tablets, and Windows Phone PCs, Tablets, and Windows Phone
16. Password theft is an epidemic
Pass the hash attacks are no longer hypothetical
Shared secrets are easily breached, stolen, or phished
Alternatives come with usability and/or operational costs
17. Key based authentication system built into Windows 10
Users create a gesture to use their Passport
TPM protects a private key used to sign auth requests
Eliminates the need to authenticate using a password
19. Windows for Work (IT admins)
- Domain Join
- Azure AD Join
- Add work account
Web Account Manager (Developers)
- One stop shop for authentication
Microsoft Passport & Windows Hello (IT admins + Developers)
- Say bye to passwords!
20. Azure AD Join
Overview
Azure AD Join on Windows 10 devices
Azure AD and Identity Show: Azure AD Join in Windows 10
Domain Join
Microsoft Azure Active Directory and Windows 10: Better Together for Work or
School
21. Web Account Manager
App APIs
WebAccountProvider APIs
Build 2015 – SSO with Secure Authentication
SDK samples
Other relevant sessions
3-767: Building Universal Windows Apps with Office 365 APIs
2-769: Develop Modern Native Application with Azure Active Directory
2-639: Microsoft Passport and Windows Hello
3-765: App-to-App Communication: Building a Web of Apps
3-654: Managing Mobile Devices and Applications in an Enterprise
22. Microsoft Passport and Windows Hello
Microsoft Passport Overview
What is Windows Hello?
Microsoft Passport and AAD: Eliminating passwords one device at a time!
Passport APIs
Build 2015:Microsoft Passport and Windows Hello: Moving Beyond Passwords
and Credential Theft