Manage your multi-cloud identity infrastructure with Microsoft Entra
HTML-код
- Опубликовано: 1 авг 2024
- A single solution to centrally manage your entire identity infrastructure with Microsoft Entra. Whether hybrid across your on-premises systems and the Microsoft Cloud, or across services spanning multiple clouds, like AWS, Google Cloud Platform and your favorite SaaS apps.
Joey Cruz, from the identity team at Microsoft, highlights the comprehensive capabilities of Microsoft Entra, including unified identity management, that spans beyond your Microsoft estate and beyond Azure Active Directory. He demonstrates new and unique capabilities for the day-to-day management of your users and workloads.
► QUICK LINKS:
00:00 - Introduction
00:25 - Microsoft Entra admin center
01:07 - Secure access to Google services with passwordless authentication using Microsoft Entra
02:20 - Access all of your cloud and on-prem apps from myapps.microsoft.com
03:13 - Supported authentication methods
04:24 - Verified IDs to automate new user verification and access provisioning
05:40 - Workload Identity management for secure app to app communication
06:56 - Privileged Identity Management to protect admin accounts and more
07:41 - Permissions Management to monitor and protect Azure, AWS and GCP in one place
08:20 - Wrap up
► Link References:
Try Microsoft Entra at entra.microsoft.com
Check out our docs at aka.ms/EntraDocs
► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our RUclips: / microsoftmechanicsseries
• Talk with other IT Pros, join us on the Microsoft Tech Community: techcommunity.microsoft.com/t...
• Watch or listen from anywhere, subscribe to our podcast: microsoftmechanics.libsyn.com...
• To get the newest tech for IT in your inbox, subscribe to our newsletter: www.getrevue.co/profile/msftm...
► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: / msftmechanics
• Share knowledge on LinkedIn: / microsoft-mechanics
• Enjoy us on Instagram: / msftmechanics
• Loosen up with us on TikTok: / msftmechanics
#IdentityManagement #AzureAD #VerifiableCredentials #IdentityGovernance 
Наука
This is so cool!
Given that a lot of companies are onboarding offshore contractors to augment workforce requirements, does anyone know if the verifiable ID works for non-US issued documents?
You'll want to find an identity proofing partner/vendor that processes non-US issued documents for that. It's up to you to select the right identity proofing companies for your needs and global presence. What you'll do is trust them and the verifiable credentials they issue, and process them in Microsoft Entra.
Apart from Verified ID, isn't this stuff that was already in AAD?
Verified ID and Permissions Management are additive to AAD. And there's more to come
@@MSFTMechanics and also lifecycle workflows , 3 new features as of now :)
Do it release Windows 11.1 beta on January 11, 2023 right now!
Will this make it possible for me to collaborate with my Google workspace clients?
Currently it's a non starter, even just to grant them access to a sharePoint site 😒
It's been possible for some time for users with Google identities to securely access AAD resources. Check out this article for more information and admin steps to get it running: learn.microsoft.com/en-us/azure/active-directory/external-identities/google-federation
No support for on-prem groups/apps? Not very useful for all those org's running hybrid :(
Why do you think that Entra doesn´t support on prem apps and groups? You can integrate SSO and access management to your existing on prem apps easily and you can use on prem groups and sync them to Azure AD and also write back changes from the cloud back to on prem.
You can manage onprem groups using Access Reviews and apply the results to your onprem groups. However, an even better option is create and manage all your groups from the cloud and only write back the groups you consume on-premises via AAD Connect Group Writeback v2. So you get all the Identity governance policies, automatic assignments, access reviews centrally. You can also do on-premises application provisioning and manage their assignments with entitlement management just like you can your SAAS apps.
@@CloudIdentity We want to completely eliminate the need for our on-prem AD. The only things we are using it for today are VPN authentication and SAN file access. Is it possible to completely leverage Azure/Entra without a need to "sync" anything on-prem? If so, where would I get started? We already have a fully deployed MS365 and use Azure AD to authorize some cloud databases... thx
@@fpvmenki7964 On-prem groups synced to AAD on Azure AD Connect cannot be used in some features in PIM, they are greyed out in the group selection window and can't be selected.
@@CloudIdentity Thanks for this perspective, interesting option - I'll have to have a play with it and do some testing!
How does this stack up with Okta?