Mastering Identity and Access Management with Microsoft Azure

上QQ阅读APP看书，第一时间看更新

Implementing a solid Azure Active Directory

The first step we need to take is to get an Azure AD tenant. There are many ways to do this. You can start with an Azure subscription or use any other service from the Microsoft SaaS portfolio. The easiest way to get your solution to a working state is to start with an Office 365 trial subscription.

Open your browser and navigate to http://bit.ly/1RVpFXe . Subscribe to a free Office 365 Enterprise E5 plan:

Office 365 E5 trial request

Follow the registration process and define your user ID, such as admin@domain.onmicrosoft.com. We recommend using a nonpersonal ID, as shown in the next screenshot. Enter your new user ID and password. Your default directory will get the name you define behind the @:

First Global Administrator creation

Afterward, you need to prove your identity with a text message or a phone call and enter the received code. Next, you need to click Create my account. Keep in mind that the provisioning process takes a few minutes and should end with a success message.

After the successful creation of your brand new Azure AD with an associated Office 365 E5 plan, you should be able to log on with your administrative credentials and see the following screen:

Office 365 management portal

In the next step, we will assign an Enterprise Mobility Suite (EMS) E5 plan to the freshly created Azure AD tenant.

Click on the Admin icon on the right, and you should see your current assigned Subscriptions under the Billing tab:

Office 365 subscription management

Click Add subscriptions to add the EMS E5 trial plan to your Azure AD tenant:

EM+S E5 trial request

Choose the EMS E5 plan and click Start free trial and follow the subscription process. After a successful subscription process, you can see the assigned Office 365 E5 and the EMS E5 plan in your Azure AD tenant.

Now that we have created our Azure AD tenant, we need to subscribe for an Azure free trial subscription. This step is necessary to use Azure resources such as the Azure AD Domain Services or other functionality we will discuss in the next chapters.

You can also use the following ways to get an Azure subscription:

Use an Azure subscription from scratch (https://account.azure.com/organization)
Use an agreement-based Azure subscription
Use an MSDN Azure subscription, as shown in the following figure:

Visual Studio subscription benefits

Remember you can only sign up for one Azure AD free trial subscription.

Let's go to configure your administrative workstation and your personal Azure AD tenant.