We’ve turned on the public preview of the Azure AD admin experience in the new Azure portal!If you want to skip the reading and just start using it, click here . But I recommend you keep reading to get a quick tour of many of the exciting capabilities of this new experience. There’s a ton of richness you might not be expecting! As many of you know, we’re in the process of moving the management experience for all Azure services from the ‘classic’ portal at https://manage.windowsazure.com to the new portal at https://portal.azure.com . Azure AD is moving to the new portal in phases. In this first phase we focused on the core Azure AD experiences. Phase one is now complete with the start of public preview. In phase two you’ll see us iterating rapidly, making refinements to the experience and adding new capabilities. Within a few months the new portal will have all the features of the classic portal and quite a few more. Our new management experience has been designed based on your feedback. You told us about your challenges in leveraging cloud services that build on your existing environment. You asked us to make it easier and faster to integrate with those services, and simpler to manage access to them. Based on your feedback, we developed four key principles which we used to guide our designs:
Fig 1. Azure AD in the new Azure portal
Video: Getting Started with Azure AD in the new Azure Portal
Fig 2. Azure Active Directory in the left navigation menuYou can also find Azure Active Directory in the More services menu. If Azure Active Directory isn’t already pinned to your left navigation menu, you can pin it manually. Open the More services menu, enter ‘Azure Active Directory’ in the Filter box, and click the star to the right of Azure Active Directory. That way it’ll be easy for you to find it the next time you visit the new portal.
Fig 3. Pinning Azure Active Directory to your left navigation bar by clicking the star
Fig 4. Overview blade for Azure Active DirectoryThe tiles on the right give you easy visual access to begin using those features and more. The Recommended tile is a starting-off point for you to configure important features: directory sync, self-service password reset, and company branding. The Other capabilities tile lets you navigate to newer Azure AD capabilities such as Identity Protection and Privileged Identity Management. The Quick tasks tile on the right gives you an easy way to begin common management tasks for users, groups, and apps.
Fig 5. Searching for a user in the ‘All users’ bladeWhen you see the name of the user that you’re looking for, click on their name to begin managing the user. When you open an individual user, you’ll land on the overview for the user. The overview shows at-a glance information about the user. You’ll see a graph of the user’s sign-ins over the past month, and the number of groups in which the user is member. In the ‘command bar’ at the top of the blade, you will see a button to reset the user’s password. You will also see a delete button that will be enabled for any user who is not synced from your Windows Server AD. You can use the button to delete the user from your tenant.
Fig 6. Managing a user in the new portal: Overview blade
Fig 7. Managing group memberships for an individual userOn the Directory role blade you can see and manage the user’s assignment to any tenant-wide administration roles, including roles for Office 365 services, and new roles such as Security administrator and Security reader. In the Activity section of the resource menu, you can click on the Sign-ins item see a page that show history of the user’s sign-ins to applications. Another cool feature we’ve added in our preview experience is the ability to see audit logs for a user without navigating away from the user. Click on Audit logs to see a list of audit activity related to the user, such as the user being added or removed from a group, or being assigned to an administrative role in the directory. Click on any item in the list to see more details about the activity in the Activity Details blade. This will streamline the experience when you are troubleshooting issues related to an individual user.
Fig 8. Audit logs for an individual user
Fig 9. Activating a free trial of Enterprise Mobility SuiteA new app management experience: Enterprise applications and app registrations You’ll notice some changes in the way you manage applications in the new portal. On the directory overview blade, you’ll see items on the resources menu and tiles for Enterprise applications and App registrations. In Enterprise applications, you’ll find and manage the applications that your users access: SaaS apps that you have added from the app gallery, line of business apps that are integrated with Azure AD, and apps that your users or admins have added themselves. Here you can assign access to an application, view sign-ins and audit logs for the application, configure single-sign on, and perform other application management tasks.
Fig 10. Enterprise applications and App registrations on the resource menu for the directoryIf you or your organization have developed any custom line-of-business or multi-tenant apps and integrated those with Azure AD, you can see the registration data for those apps by clicking on the App registrations blade . The app registration blade is where a developer can manage the properties of the app registration, such as the reply URLs for the app, and the permissions that the app needs on other APIs. With the distinct views for enterprise apps and app registrations, we’re aiming to help IT Pros and developers focus on the resources and tasks that are most important to their roles. We’re still working out the right naming and presentation for these, so if you have suggestions, we’d love to hear from you.
Fig 11. Managing apps in the new Azure AD management experienceWatch this video to see a quick tour of the experience.
Video: Managing enterprise apps using Azure ADOn the Overview blade for Enterprise applications, you can see all the apps you can manage access to, as well as the see top apps used in your organization. Click on Sign ins in the resource menu to drill into detailed activity reports for application sign-ins. Click on Audit logs to see updates to applications in your organization. On the Application proxy blade you download and configure the Application proxy connectors for any on-premises apps that you want to expose to cloud users. To manage an individual app, click on the All applications item on the resource menu. Use the search box above the list of app names to find the app that you want to manage. Then, click on the app’s name to open it. You’ll see a new app-centric overview blade that shows thumbnail photos of the users and groups assigned to the app, and a graph of recent sign-ins.
Fig 12. Overview for an individual applicationYou can open other blades from the resource menu to view and manage the application’s properties, including its name, logo, single-sign on and provisioning settings, and application proxy configuration. You’ll see a significant improvement in this preview experience on the Users and groups blade for an application. Now you can see all user and group assignments to an application in a single view.
Fig 13. Viewing users and groups assigned to an appNow you can assign users and groups to the application using a consistent, search-centric interface. To see this, click the Add button on the Users and groups tab for an individual application. You’ll find the Add button in the black ‘command bar’ region just above the grid itself.
Fig 14. Assigning users and groups to an appThe preview experience gives you insight into activity for an individual app, just like it does for an individual user. For example, when you are looking at an app you can click on Sign-ins in the resource menu to see recent sign-ins to the app. Click on Audit logs to see audit events for the application.
Fig 15. Viewing activity in the tenant-wide audit logThe Audit logs blade on Users and groups shows a view of audit events that is automatically filtered to events related to users and groups. Likewise, the Enterprise apps blade also has Audit logs in its resource menu. Click it to see audit events related to applications. You can get similar insight into sign-ins. To see it, click on Sign-ins in the resource menu of the directory. You’ll see a list of recent sign ins to applications across all users in your tenant. Click the filter button in the command bar to see sign-ins from a specific time interval. You can also use this list to see sign-ins for a single user. To do so, just enter the user’s name in the search box above the list. To see more details for an individual sign in, click an item in the list. In the Activity details blade you can see who signed in, when, from where, and from what device & IP address.
Fig 16. Viewing recent sign-ins, and details for one of those sign ins
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.