March 16, 2015
Identity and Access Management using
Windows Server Active Directory Service
MJ Ferdous
Account Technology Strategist
Microsoft Bangladesh
Phone: +8801715015093
Email: a-mjferd@microsoft.com
Ziaul Hoque Mallick
Corporate Accounts Lead
Microsoft Bangladesh
Phone: +8801755501612
Email: zimallic@microsoft.com
2 Proposal for Active Directory
Identity and Access Management on
Windows Server Active Directory
Active Directory is Microsoft's directory service that allows administrators to assign policies,
deploy software, and apply updates for an entire organization. AD also allows users to store all
information in a central location, where it is backed up.
First enterprise-class directory service
Active Directory is the first enterprise-class directory service that is scalable, built from the ground up using
Internet-standard technologies, and fully integrated with the operating system.
Benefits of using Active Directory:
• It simplifies network administration by maintaining a central repository of information.
• It provides a single place to look for information.
• Highly secured access to data through the use of security policies, which improves the management of data.
• Easily scalable. Supports millions of objects in a single domain.
• Unified access to resources by supporting a uniform naming convention.
• Lookup of names, addresses, phone numbers and other “white pages” information is standardized.
• Lookup of network resources like printers, servers, certificates and other “yellow pages” information is standardized.
• Centralizing the management of the system will increase reliability and make it easier to keep it up to date.
Benefits of AD with Integrated Service or Software:
• Single sign-on with all AD-integrated applications
• User profiles automatically sync with Exchange, Lync & SharePoint
• Update user information, such as the profile picture, from SharePoint
• When any user information is updated in AD, it is automatically synced or updated in all applications
• Users can view their profile information from Lync or SharePoint
• Users can easily find their colleagues from Lync, Exchange or SharePoint
• Users can connect to a call, voice or chat directly from an Outlook contact or Lync
• Find contact lists easily from Outlook, Lync or SharePoint
Active Directory Domain Controller
Architecture
Every domain may have group policies, or individual/separate group policies, as each user group requires.
Domain Controller (DC) Logical Components
The logical components of Domain Controller do not directly relate to any type of physical topology such as the
layout of the network, but instead are used to organize objects within the directory according to the
administrative and security requirements.
These logical DC components include:
• Forests,
• Domains
• Organizational Units (OUs).
Additionally, as mentioned, the two other major constructs are:
• Identity Provisioning
• Identity Federation
To provide the underlying infrastructure for implementing an authentication and management directory service, the future state needs to consider several key components.
These components include the following:
Unified Domain Controller Environment - This directory service will then be used to facilitate authentication, authorization and directory capabilities for common corporate applications, services, and centralized management of identities.
Delegated Data Management - Business groups manage their users, groups, workstations, printers, and servers in the way that is most efficient for their group; this can differ for each domain's users and their groups or operational units.
Organizational Integrity - The logical directory structure must support the application and maintenance of permissions and policy.
Replication Integrity - All Domain Controllers must dependably synchronize with the same objects and attributes.
Standardized Format/Attributes - Predictable data and attributes for each directory object.
Single Identity - A single identity object for each user in the Domain Controller.
Identity and Access Management on
Premise and in the Cloud
From personal devices to various identity providers, granting user access to cloud applications
is becoming more complex and costly for organizations to manage. With Microsoft’s
Windows Azure Active Directory, Allegion gets enterprise-level identity services that help
streamline directory and access management in the cloud, provide a seamless sign-in and
self-service password reset experience for cloud resources, and enhance security with
Multi-Factor Authentication.
Simplify access, centralize control
Windows Azure Active Directory is a comprehensive identity and access management cloud solution. It combines
core directory services, advanced identity governance, security and application access management. Windows
Azure Active Directory also offers to developers an identity management platform based on centralized policy
and rules.
Use Windows Azure Active Directory to:
Effectively manage users and access to cloud resources. Manage user account and attributes through the
Windows Azure management portal. Centrally manage users’ access to Windows Azure and other Microsoft
online services like Microsoft Office 365 and a world of non-Microsoft SaaS applications.
Extend your on-premises Active Directory to the cloud. Extend your on-premises directory to Windows Azure
Active Directory so that users can authenticate with one set of corporate credentials to their cloud-based resources.
Provide single sign-on & self-service password reset capabilities across your on premise cloud applications.
Deliver a seamless, single sign-on experience to your users across Microsoft online services, applications built on
Windows Azure and hundreds of popular non-Microsoft cloud applications.
Offers Multi-Factor authentication. Windows Azure Multi-Factor reduces organizational risk and helps enable
regulatory compliance by providing an extra layer of authentication, in addition to a user’s account credentials, to
secure employee, customer, and partner access.
How it works
[Figure: diagram with the labels "Third party apps", "Your apps", "Dynamics CRM", "Office 365", "SAP, BOX, WorkDay" and "Salesforce, Oracle, etc"]
Turn it on for Windows Server Active Directory
Use Multi-Factor Authentication to secure access to on premise applications and Windows Server, Microsoft
Online Services like Office 365 and SharePoint, as well as third party cloud services that integrate Windows Server
Active Directory.
Windows Server Active Directory and Multi-Factor Authentication offer you a way to:
• Enable single sign-on: Sync your on premise identity with Office 365 and SharePoint using Windows Server
Active Directory to enable single sign-on to Office 365, SAP, Oracle, SalesForce and over 500+ SaaS
applications and growing.
• Help secure access: Can be part of a solution that complies with NIST 800-63 Level 3, HIPAA, PCI DSS, and
other regulatory requirements.
Provides persistent protection. Rights Management persists protection of file data when at rest and in
motion. Once information is locked, only trusted entities that were granted usage rights under the specified
conditions (if any) can unlock or decrypt the information.
Supports closer management of usage rights and conditions. Organizations and individuals can assign
usage rights and conditions using rights management that define how a specific trusted entity can use rights-
protected content. Examples of usage rights are permission to read, copy, print, save, forward, and edit. Usage
rights can be accompanied by conditions, such as when those rights expire.
Get security and convenience
Windows Server Multi-Factor Authentication helps reduce
organizational risk and enable regulatory compliance by providing an
extra layer of authentication, in addition to a user’s account credentials,
to help secure employee, customer and partner access.
The service is enterprise ready and features integration with remote
access VPNs, web applications, virtual desktops, single sign-on systems
and cloud applications. It synchronizes with existing user directories for
centralized user management and automated enrollment.
Add it to on premise applications
Windows Server Active Directory and Multi-Factor Authentication also extend beyond only Microsoft cloud-
based applications like Office 365 and SharePoint. With Windows Server Active Directory, you can apply your
customized on premise Active Directory to all your cloud-based applications or even let users log in to
non-Microsoft based applications using identities from Facebook, Google, and other identity providers.
Windows Server Multi-Factor
Authentication & Rights
Management Data Protection
With escalating IT security threats and a growing number of users, applications, and devices,
multi-factor authentication has become the new standard for securing access. Regulatory
agencies agree and have mandated its use across a broad range of industries.
Multi-Factor Authentication
can be rapidly enabled for
large, geographically diverse
user groups – offering
convenience, scale, and security.
NOTICE
The information contained in this document (a) represents Microsoft’s current statement of the features, functions, and capabilities of the products and services
described herein, which is subject to change at any time without notice to you, (b) is for your internal evaluation purposes only and should not be interpreted as a
binding offer or commitment on the part of Microsoft to provide any product or service described herein; and (c) constitutes Microsoft trade secret information
and may not be disclosed to any third party. Any procurement that may result from this information is subject to negotiation and execution of a definitive
agreement between customer and its chosen authorized Microsoft reseller incorporating applicable Microsoft commercial terms. Microsoft does not guarantee
the accuracy of any information presented and assumes no liability arising from your use of the information. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR
IMPLIED, IN THIS DOCUMENT.
The descriptions of other companies’ products in this document, if any, are provided only as a convenience to you. Any such references should not be considered
an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended
as brief highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these products, please consult their respective
manufacturers.
All trademarks are the property of their respective companies.
©2015 Microsoft Corporation. All rights reserved.

Active Directory Proposal

  • 1. March 16, 2015 Identity and Access Management using Windows Server Active Directory Service MJ Ferdous Account Technology Strategist Microsoft Bangladesh Phone: +8801715015093 Email: a-mjferd@microsoft.com Ziaul Hoque Mallick Corporate Accounts Lead Microsoft Bangladesh Phone: +8801755501612 Email: zimallic@microsoft.com
  • 2. 2 Proposal for Active Directory Identity and Access Management on Windows Server Active Directory Active Directory is Microsoft's directory service that allows administrators to assign policies, deploy software, and apply updates for an entire organization. AD also allows users to store all information in a central location, where it is backed up. First enterprise-class directory service Active Directory is the first enterprise-class directory service that is scalable, built from the ground up using Internet-standard technologies, and fully integrated with the operating system. Benefits of using Active Directory: • It makes the task of network administration simpler by maintaining a central repository of information. • It provides a single destination to look out for information. • Highly secured access to data through the usage of security policies. Thereby it improves the management of data. • Easily scalable. Supports millions of objects in a single domain. • Unified access to resources by supporting a uniform naming convention. • Lookup of names, addresses, phone numbers and other “white pages” information is standardized • Lookup of network resources like printers, servers, certificates and other “ yellow pages” information is standardized • Centralizing the management of the system will increase reliability and make it easier to keep it up to date Benefits of AD with Integrated Service or Software: • Single Sign On with all AD integrated application • User Profile automatically sync with exchange, Lync & SharePoint • Update user Information from SharePoint such as Profile Picture • Automatically sync or update in all application when any user information update in AD • User can view their profile information from Lync or SharePoint • User can easily find their colleague easily from Lync, Exchange SharePoint • User can connect to call, voice or chat directly from outlook contact or Lync • Find contact list easily from outlook, Lync or SharePoint
  • 3. Active Directory Domain Controller Architecture
    Every domain may have group policies, or individual/separate group policies as per user group requirements.
    Domain Controller (DC) Logical Components
    The logical components of a Domain Controller do not directly relate to any type of physical topology, such as the layout of the network, but instead are used to organize objects within the directory according to administrative and security requirements. These logical DC components include:
      • Forests
      • Domains
      • Organizational Units (OUs)
    Additionally, as mentioned, the two other major constructs are:
      • Identity Provisioning
      • Identity Federation
    To provide the underlying infrastructure for implementing an authentication and management directory service, the future state needs to consider several key components. These components include the following:
      • Unified Domain Controller Environment - This directory service will then be used to facilitate authentication, authorization and directory capabilities for common corporate applications, services, and centralized management of identities.
      • Delegated Data Management - Business groups manage their users, groups, workstations, printers, and servers in the manner most efficient for their group, which can differ for each domain's users and their groups or operational units.
      • Organizational Integrity - The logical directory structure must support the application and maintenance of permissions and policy.
      • Replication Integrity - All Domain Controllers must dependably synchronize the same objects and attributes.
      • Standardized Format/Attributes - Predictable data and attributes for each directory object.
      • Single Identity - A single identity object for each user in the Domain Controller.
  • 4. Identity and Access Management on Premise and in the Cloud
    From personal devices to various identity providers, granting user access to cloud applications is becoming more complex and costly for organizations to manage. With Microsoft’s Windows Azure Active Directory, Allegion gets enterprise-level identity services that help streamline directory and access management in the cloud, provide a seamless sign-in and self-service password reset experience for cloud resources, and enhance security with Multi-Factor Authentication.
    Simplify access, centralize control
    Windows Azure Active Directory is a comprehensive identity and access management cloud solution. It combines core directory services, advanced identity governance, security and application access management. Windows Azure Active Directory also offers developers an identity management platform based on centralized policy and rules.
    Use Windows Azure Active Directory to:
      • Effectively manage users and access to cloud resources. Manage user accounts and attributes through the Windows Azure management portal. Centrally manage users’ access to Windows Azure and other Microsoft online services like Microsoft Office 365 and a world of non-Microsoft SaaS applications.
      • Extend your on-premises Active Directory to the cloud. Extend your on-premises directory to Windows Azure Active Directory so that users can authenticate with one set of corporate credentials to their cloud-based resources.
      • Provide single sign-on & self-service password reset capabilities across your on premise cloud applications. Deliver a seamless, single sign-on experience to your users across Microsoft online services, applications built on Windows Azure and hundreds of popular non-Microsoft cloud applications.
      • Offer Multi-Factor Authentication. Windows Azure Multi-Factor reduces organizational risk and helps enable regulatory compliance by providing an extra layer of authentication, in addition to a user’s account credentials, to secure employee, customer, and partner access.
    How it works
    [Diagram labels: Third party apps; Your apps; Dynamics CRM; Office 365; SAP, BOX, WorkDay, Salesforce, Oracle, etc.]
  • 5. Turn it on for Windows Server Active Directory
    Use Multi-Factor Authentication to secure access to on premise applications and Windows Server, Microsoft Online Services like Office 365 and SharePoint, as well as third party cloud services that integrate Windows Server Active Directory. Windows Server Active Directory and Multi-Factor Authentication offer you a way to:
      • Enable single sign-on: Sync your on premise identity with Office 365 and SharePoint using Windows Server Active Directory to enable single sign-on to Office 365, SAP, Oracle, SalesForce and 500+ SaaS applications and growing.
      • Help secure access: Can be part of a solution that complies with NIST 800-63 Level 3, HIPAA, PCI DSS, and other regulatory requirements.
    Provides persistent protection. Rights Management persists protection of file data when at rest and in motion. Once information is locked, only trusted entities that were granted usage rights under the specified conditions (if any) can unlock or decrypt the information.
    Supports closer management of usage rights and conditions. Organizations and individuals can use rights management to assign usage rights and conditions that define how a specific trusted entity can use rights-protected content. Examples of usage rights are permission to read, copy, print, save, forward, and edit. Usage rights can be accompanied by conditions, such as when those rights expire.
    Get security and convenience
    Windows Server Multi-Factor Authentication helps reduce organizational risk and enable regulatory compliance by providing an extra layer of authentication, in addition to a user’s account credentials, to help secure employee, customer and partner access. The service is enterprise ready and features integration with remote access VPNs, web applications, virtual desktops, single sign-on systems and cloud applications. It synchronizes with existing user directories for centralized user management and automated enrollment.
    Add it to on premise applications
    Windows Server Active Directory and Multi-Factor Authentication also extend beyond Microsoft cloud-based applications like Office 365 and SharePoint. With Windows Server Active Directory, you can apply your customized on premise Active Directory to all your cloud-based applications or even let users log in to non-Microsoft based applications using identities from Facebook, Google, and other identity providers.
    Windows Server Multi-Factor Authentication & Rights Management Data Protection
    With escalating IT security threats and a growing number of users, applications, and devices, multi-factor authentication has become the new standard for securing access. Regulatory agencies agree and have mandated its use across a broad range of industries. Multi-Factor Authentication can be rapidly enabled for large, geographically diverse user groups, offering convenience, scale, and security.
  • 6. NOTICE The information contained in this document (a) represents Microsoft’s current statement of the features, functions, and capabilities of the products and services described herein, which is subject to change at any time without notice to you, (b) is for your internal evaluation purposes only and should not be interpreted as a binding offer or commitment on the part of Microsoft to provide any product or service described herein; and (c) constitutes Microsoft trade secret information and may not be disclosed to any third party. Any procurement that may result from this information is subject to negotiation and execution of a definitive agreement between customer and its chosen authorized Microsoft reseller incorporating applicable Microsoft commercial terms. Microsoft does not guarantee the accuracy of any information presented and assumes no liability arising from your use of the information. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. The descriptions of other companies’ products in this document, if any, are provided only as a convenience to you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these products, please consult their respective manufacturers. All trademarks are the property of their respective companies. ©2015 Microsoft Corporation. All rights reserved.