Microsoft Azure Active Directory

Azure Active Directory

All Microsoft Online business services depend on Azure Active Directory for identity management scenarios. You get free version of AAD if you subscribe to any Microsoft online service such as office 365 or Microsoft azure etc. If you want to enhance AAD capabilities you can do that by either purchasing AAD premium version or EMS.

AAD offers you multiple features that upsurge the overall productivity of employees. It provides single-sign-on facility to 1000s of cloud apps also including 3rd party applications so that users do not have to remember different passwords and usernames for various applications. Moreover, it also gives you self-service experience so that users do not have to run to their IT help desk every time they need to reset their password or want to add themselves in any group, They can do these simple tasks themselves; removing extra burden from IT support and increasing the overall efficiency. It also includes Multi-Factor Authentication (MFA), and secure access for your mobile workforce.

The capabilities include;

  • Enables self-service password reset and change to be written back to on premises Active Directory.
  • Provides end users the self-service ability to join/manage groups.
  • Advanced machine learning-based security and usage reports provide additional protection to sensitive data.
  • Simplified access management and security
  • Centrally manage single sign-on across devices, your datacenter, and the cloud to 1000s of applications.
  • Multi Factor authentication with verification options, including phone calls, text messages, or mobile app notifications, and use security monitoring to identify inconsistencies.

Azure Active Directory Licenses Comparison

Azure Active Directory features Feature details Azure Active Directory Premium P1 Azure Active Directory Premium P2
Common features     Directory objects No object limit No object limit
User/group management (add/update/delete), user-based provisioning, device registration, password change, synchronization tools for “on-premises to cloud” directory integration (Azure AD Connect) Yes Yes
Single Sign-On (SSO) No limit (free, Basic tiers + Self-Service App Integration templates) No limit (free, Basic tiers + Self-Service App Integration templates)
B2B collaboration Yes Yes
Security/usage reports Advanced reports Advanced reports
Premium + Basic features     Group-based access management/provisioning Yes Yes
Self-service password reset for cloud users Yes Yes
Company branding (logon pages/access panel customization) Yes Yes
Application proxy Yes Yes
SLA 99.9% Yes Yes
Premium features           Self-Service Group and app Management/Self-Service application additions/ Dynamic Groups Yes Yes
Self-service password reset/change/unlock with write-back to on-premises directories Yes Yes
Device objects two-way synchronization between on-premises directories and Azure AD (Device write-back) Yes Yes
Multi-Factor Authentication (cloud and on-premises (MFA server)) Yes Yes
Microsoft Identity Manager user CAL Yes Yes
Cloud app discovery Yes Yes
Connect Health Yes Yes
Conditional access based on group and location Yes Yes
Conditional access based on device state (allow access from managed/domain joined devices) Yes Yes
Identity Protection / Conditional access based on sign-in or user risk Yes
Privileged Identity Management Yes
Windows 10 + Azure AD Join related features Join a Windows 10 device to Azure AD, Desktop SSO, Windows Hello for Azure AD, Administrator Bitlocker recovery Yes Yes
Windows 10 + Azure AD Join related features MDM auto-enrollment, Self-service Bitlocker recovery, additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming Yes Yes



Let us customize a Unified Communications Solution for your business today!