- What is Azure AD (Active Directory)?
As per Microsoft, Azure Active Directory is Microsoft’s cloud-based identity and access management service, which helps your employees sign in and access resources in:
- External resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications.
- Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organisation.
2. Types of Licenses in Azure AD?
There are different licensing options are available as below.
- Azure Active Directory Free: Provides user and group management, on-premises directory synchronization, basic reports, self-service password change for cloud users, and single sign-on across Azure, Office 365, and many popular SaaS apps.
- Azure Active Directory Premium P1: In addition to the Free features, P1 also lets your hybrid users access both on-premises and cloud resources. It also supports advanced administration, such as dynamic groups, self-service group management, Microsoft Identity Manager and cloud write-back capabilities, which allow self-service password reset for your on-premises users.
- Azure Active Directory Premium P2: In addition to the Free and P1 features, P2 also offers Azure Active Directory Identity Protection to help provide risk-based Conditional Access to your apps and critical company data and Privileged Identity Management to help discover, restrict, and monitor administrators and their access to resources and to provide just-in-time access when needed.
- Pay as you go: feature licenses. You can also get additional feature licenses, such as Azure Active Directory Business-to-Customer. B2C can help you provide identity and access management solutions for your customer-facing apps.
3. What is Tenant in Azure AD?
A dedicated and trusted instance of Azure AD that’s automatically created when your organization signs up for a Microsoft cloud service subscription, such as Microsoft Azure, Microsoft Intune, or Office 365. An Azure tenant represents a single organization.
4. What is Azure AD directory?
Each Azure tenant has a dedicated and trusted Azure AD directory. The Azure AD directory includes the tenant’s users, groups, and apps and is used to perform identity and access management functions for tenant resources.
5. What is Azure AD Global administrator?
This administrator role is automatically assigned to whomever created the Azure AD tenant. Global administrators can do all of the administrative functions for Azure AD and any services that federate to Azure AD, such as Exchange Online, SharePoint Online, and Skype for Business Online.
You can have multiple Global administrators, but only Global administrators can assign administrator roles (including assigning other Global administrators) to users.