
Central Identity Management with AAD

Shaneil Narayan
Occasional Visitor

Situation:

We have several offices all around the world, e.g. Sydney, London, UK, LA, Norway etc., which have been through acquisitions and mergers. Several of the sites have their own on-prem AD and are being sync'd to a single O365 tenant through AD Connect. For smaller sites that don't have an on-prem AD, users are created in the Sydney HQ AD. IT admin connects to the Sydney AD via RDP and creates users in their specific OU. We want to eliminate the need for IT admins to RDP in to manage their users.

Outcome Required:

We need a central source of truth where IT admins log in to a portal, manage their own location-specific users, and any changes are then sync'd back to their location AD (because of other on-prem resources which are AD dependent). Is this something AAD can do?

So briefly, our requirements are:

- Centralised User management (Most important)

- User self service password reset/unlock.

- SSO with third party apps

- Mac support (for password reset, SSO)

Okta partly does what we need, but being a Microsoft shop, a solution from Microsoft will be easier to integrate into our ecosystem.

Is the above possible with an Azure solution?

Looking forward to your feedback.

Thanks,

S.
