External Users in Azure AD B2B

Posted July 30, 2017

I have spent some time with customers working on Azure AD B2B and making applications available to partners and vendors through Azure AD. Part of the work was looking at what happens under the cover in AAD B2B, so we could understand what and how we had to work on reporting and auditing.

Azure AD B2B is intivation-based. When you want to work with an external partner or vendor, you invite them into working with you in one of your company’s applications. The system then sends an invitation to that person’s email address that you supply – and they redeem that invitation to gain access.

What happens in the background is the creation of an identity reference of that vendor’s or partner’s user account. That reference is created in your AAD and used to link permissions to – and audit and reporting.

That reference is created as a very special reference user object. The following is my users object in my AAD tenant:

First Name: Florian

Last Name: Fromm

Sign-In-Name: florian@fsft.net

objectID: e25b1308-1115-45d0-b813-a49e23a32e1f

UserType: Member Read more »

Posted in - Active Directory - Comments(0)

Topologies for Azure AD Connect (AADConnect)

Posted June 15, 2016

Let me cross-link this here, because I feel like this is one of the better, clearer articles of what you can and should not attempt to build with Azure AD Connect (AADConnect):

https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect-topologies/

It outlines nicely what scenarios and topologies are supported in the current version of AADConnect.

Posted in - Azure AD Connect, Hybrid Identity - Comments(0)

ADFS Capacity Planning Spreadsheet updated for Windows Server 2016

Posted May 24, 2016

Good news!

The ADFS Capacity Planning Spreadsheet most of us are familiar with, has been updated to reflect Windows Server 2016 numbers and scaling. While the “old” spreadsheet was still “OK” for Windows Server 2012 R2, apparently there are a number of changes in Windows Server 2016′s ADFS that warranted for an updated version.

Nice!

The link to the spreadsheet is in the following TechNet article: “Planning for AD FS Capacity”, https://technet.microsoft.com/en-us/library/gg749899.aspx.

You find the link in the second table, “AD FS Capacity Planning Spreadsheet for Windows Server 2016 ” or clicking here: http://adfsdocs.blob.core.windows.net/adfs/ADFSCapacity2016.xlsx

Enjoy!

 

Posted in - ADFS, Hybrid Identity - Comments(0)

Next Page »