Sunday, 12 June 2016

Getting started with Azure AD

Posted by: Ashwin Venugopal

The high-level steps for Azure AD without SSO are as follows:

  1. Sign up for Microsoft Azure.
    1. This creates an account for managing your Microsoft Azure subscription.
  2. Select Azure AD service from the Microsoft Azure management portal.
  3. Now we can add a domain name to Azure AD (optional).
  4. Later, we can add applications that integrate with Azure AD (optional).
  5. Add directory integration for your on-premises AD DS (optional).
  6. Add users.

To continue the deployment for SSO and directory synchronization, we need to:

  1. Deploy AD FS and configure federation.
  2. Install Azure AD Connect and configure synchronization.

Deploy Local AD FS Federation Server

Assign (bind) the third-party certificate to the Default Web Site. The SSL certificate name should match the Federation Service Name.

  1. Open Server Manager
    1. Click Tools
  2. Click AD FS Management
  3. Click AD FS Federation Server Configuration Wizard
  4. Create a new Federation Service
    1. Click Next
  5. The certificate that you applied in the beginning should show up now.
  6. Federation Service Name
    1. Click Next
  7. Enter the AD FS service account name and password
    1. Click Next
    2. Click Next
  8. All green check marks mean everything is set up correctly.
    1. Click Close
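
The certificate-name requirement above can be checked before starting the wizard. The PowerShell below is an added example, not part of the original post: the function names and the host name `sts.example.com` are placeholders, and it assumes the certificate was imported into the local machine's Personal store.

```powershell
# Added example. Function names and the host name used below are placeholders.

function Test-NameCoversHost {
    param(
        [string[]]$CertNames,  # subject CN plus SAN DNS names of one certificate
        [string]$HostName      # the Federation Service Name typed into the wizard
    )
    $target = $HostName.ToLowerInvariant()
    foreach ($name in $CertNames) {
        $n = $name.ToLowerInvariant()
        if ($n -eq $target) { return $true }
        # A wildcard stands for exactly one left-most label:
        # *.example.com covers sts.example.com, not a.sts.example.com or example.com.
        if ($n.StartsWith('*.')) {
            $suffix = $n.Substring(1)
            if ($target.EndsWith($suffix)) {
                $label = $target.Substring(0, $target.Length - $suffix.Length)
                if ($label.Length -gt 0 -and -not $label.Contains('.')) { return $true }
            }
        }
    }
    return $false
}

function Get-FederationCertReport {
    param([string]$FederationServiceName)
    $now = Get-Date
    $simple = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    # Report every certificate in the machine's Personal store against the name.
    Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
        $names = @($_.GetNameInfo($simple, $false)) + @($_.DnsNameList | ForEach-Object { $_.Unicode })
        $names = @($names | Where-Object { $_ } | Select-Object -Unique)
        [pscustomobject]@{
            Thumbprint    = $_.Thumbprint
            Names         = $names -join ', '
            NameMatches   = Test-NameCoversHost -CertNames $names -HostName $FederationServiceName
            HasPrivateKey = $_.HasPrivateKey
            ValidNow      = ($now -ge $_.NotBefore) -and ($now -le $_.NotAfter)
        }
    }
}

Get-FederationCertReport -FederationServiceName 'sts.example.com' | Format-Table -AutoSize
```

A certificate is a usable candidate only when NameMatches, HasPrivateKey and ValidNow are all True for the same row.
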

Thanks for reading.
