Microsoft Azure Active Directory

Azure Active Directory

All Microsoft Online business services depend on Azure Active Directory for identity management scenarios. You get free version of AAD if you subscribe to any Microsoft online service such as office 365 or Microsoft azure etc. If you want to enhance AAD capabilities you can do that by either purchasing AAD premium version or EMS.

AAD offers you multiple features that upsurge the overall productivity of employees. It provides single-sign-on facility to 1000s of cloud apps also including 3rd party applications so that users do not have to remember different passwords and usernames for various applications. Moreover, it also gives you self-service experience so that users do not have to run to their IT help desk every time they need to reset their password or want to add themselves in any group, They can do these simple tasks themselves; removing extra burden from IT support and increasing the overall efficiency. It also includes Multi-Factor Authentication (MFA), and secure access for your mobile workforce.

The capabilities include;

  • Enables self-service password reset and change to be written back to on premises Active Directory.
  • Provides end users the self-service ability to join/manage groups.
  • Advanced machine learning-based security and usage reports provide additional protection to sensitive data.
  • Simplified access management and security
  • Centrally manage single sign-on across devices, your datacenter, and the cloud to 1000s of applications.
  • Multi Factor authentication with verification options, including phone calls, text messages, or mobile app notifications, and use security monitoring to identify inconsistencies.

Azure Active Directory Licenses Comparison

Azure Active Directory featuresFeature detailsAzure Active Directory Premium P1Azure Active Directory Premium P2
Common features Directory objectsNo object limitNo object limit
User/group management (add/update/delete), user-based provisioning, device registration, password change, synchronization tools for “on-premises to cloud” directory integration (Azure AD Connect)YesYes
Single Sign-On (SSO)No limit (free, Basic tiers + Self-Service App Integration templates)No limit (free, Basic tiers + Self-Service App Integration templates)
B2B collaborationYesYes
Security/usage reportsAdvanced reportsAdvanced reports
Premium + Basic features Group-based access management/provisioningYesYes
Self-service password reset for cloud usersYesYes
Company branding (logon pages/access panel customization)YesYes
Application proxyYesYes
SLA 99.9%YesYes
Premium features Self-Service Group and app Management/Self-Service application additions/ Dynamic GroupsYesYes
Self-service password reset/change/unlock with write-back to on-premises directoriesYesYes
Device objects two-way synchronization between on-premises directories and Azure AD (Device write-back)YesYes
Multi-Factor Authentication (cloud and on-premises (MFA server))YesYes
Microsoft Identity Manager user CALYesYes
Cloud app discoveryYesYes
Connect HealthYesYes
Conditional access based on group and locationYesYes
Conditional access based on device state (allow access from managed/domain joined devices)YesYes
Identity Protection / Conditional access based on sign-in or user riskYes
Privileged Identity ManagementYes
Windows 10 + Azure AD Join related featuresJoin a Windows 10 device to Azure AD, Desktop SSO, Windows Hello for Azure AD, Administrator Bitlocker recoveryYesYes
Windows 10 + Azure AD Join related featuresMDM auto-enrollment, Self-service Bitlocker recovery, additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State RoamingYesYes



Let us customize a Unified Communications Solution for your business today!