Azure Active Directory Deep Dive


We had another outstanding meeting Thursday night, with a good turnout. Although over 70 registered for the meeting, only about 20 actually made it in person. Please be diligent in changing your status from “You're Going” to “Not Going” by the morning of the meeting if your plans change, so that we can adjust the refreshments order accordingly.

We also streamed the meeting using Skype for those who could not attend in person. That worked out well, and we will probably do it again in the future. However, there is really no substitute for attending in person and networking with your peers.

If you are interested in our upcoming meeting schedule, and/or to find out more about the group, we invite you to visit the group’s Meetup site.

What follows is a summary of our August meeting:

As usual, we started our meeting with ½ hour of networking and refreshments. After that we delivered a brief presentation about the group for new members. In addition to covering the Mission and Structure of the group, the Board of Directors, and our Sponsors, we also covered recent Azure announcements that we felt were most important.

The important announcements this month were:

  • Start/Stop VMs during off-hours in Azure Automation GA
  • Azure Virtual Machines Azure reserved instance size flexibility
  • Azure SQL Database, Save up to 80 percent with reserved capacity and Azure hybrid benefit
  • Linux on App Service Environment now GA
  • Azure Data Box Disk Preview
  • Azure SQL Database Managed instance business critical Preview
  • Azure Event Hubs and Service Bus VNET Service Endpoints in Public Preview

Following that, we launched into the main presentation topic, with Microsoft Cloud Solutions Architect Brett Hacker presenting an extremely comprehensive and thorough presentation on Azure Active Directory.

In this presentation Brett covered all the ins and outs of Azure Active Directory, including the relationship of Azure Active Directory (AAD) to on-premises Active Directory (AD), the use of AAD by Office 365, Intune and other Microsoft cloud services, and the integration of AAD with thousands of other Software as a Service (SaaS) applications.

He discussed the Graph API, which forms the underlying single security API that proxies multiple services and supports single sign-on to them. Next, he went into a deep discussion of exactly how hybrid authentication works when AAD integrates with on-premises AD, how Active Directory Federation Services (ADFS) and AD Connect are used to support single sign-on and same sign-on using common credentials for cloud and federated authentication, and how password hashes are used to safely integrate both authentication methods.

Following that, Brett covered how AAD Business-to-Business (B2B) and Business-to-Consumer (B2C) authentication works to allow authenticated access by external businesses and consumers.

Brett finished up with a very comprehensive demo of an application that illustrated all of the above features of AAD. All in all, it was the best AAD presentation that I have ever seen. The slide deck can be downloaded from here. Note that Brett is using the AAD demo application that he presented in the meeting to share the slides at that link.

If you are located in the Nashville area, or any of the surrounding areas, we invite you to become a member of the group and to attend future meetings. All are welcome, and meetings are always free.

See you next month.

Bill Zack, President, The Nashville Microsoft Azure Users Group

About CloudyInNashville

I am a Cloud Architect and Consultant. Over several years I have been working with companies to help them design and build .NET based applications for public and private clouds. My focus is the Cloud, Public Clouds and Microsoft's Windows Azure Cloud platform in particular.