Gain control over any hybrid cloud. Manage and protect Azure or AWS, Windows Server or Linux, VMware or OpenStack with Microsoft cost-effective, all-in-one cloud IT management solution.
This package contains a set of symbols/icons to visually represent features of and systems that use Microsoft Cloud and Enterprise technologies, including Windows Server, Microsoft Azure and related technologies. Email CnESymbols@microsoft.com to provide feedback and suggestions.
Microsoft Operations Management Suite Visio Icons #MSOMS
Identity management, provisioning, role management, and authentication are key services both on-premises and through the (hybrid) cloud. With:
- The Bring Your Own Apps (BYOA) for the cloud and the Software as a Service (SaaS) applications,
- The desire to better collaborate a la Facebook with the “social” enterprise,
- The need to support and integrate with social networks, which lead to a Bring Your Own Identity (BYOI) trend,
Identity becomes a service where identity “bridges” in the cloud talk to on-premises directories or the directories themselves move and/or are located in the cloud.
Active Directory (AD) is a Microsoft brand for identity related capabilities. Within on-premises world, Windows Server AD provides a set of identity capabilities and services and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). Azure AD is AD reimagined for the cloud, designed to help you solving the new identity and access challenges that come with the shift to a cloud-centric, multi-tenant world.
Azure AD is the identity foundation for many Microsoft services like Office 365, Intune, Dynamics CRM, and others. Azure AD is a comprehensive identity and access management cloud solution, utilizing the enterprise-grade quality and proven capabilities of Windows AD on-premises. It combines core directory services, advanced identity governance, security and application access management.
This series of whitepapers on Windows Azure AD offerings comprises:
- Active Directory from the on-premises to the cloud.
- An overview of Azure AD.
- An overview of Azure AD B2C.
- Introducing Azure AD B2B collaboration.
- Azure AD & Windows 10: Better together for Work or School.
- Azure AD/Office 365 single sign-on with AD FS in Windows Server 2012 R2.
- Azure AD/Office 365 single sign-on with Shibboleth 2.
- Leverage Multi-Factor Authentication with Azure AD.
- Leverage Multi-Factor Authentication Server on your premises.
- Leverage Azure AD for modern Business Applications.
The Active Directory from the on-premises to the cloud whitepaper (AD-from-on-premises-to-the-cloud.docx) introduces the trends that sustains a new identity model, the role of Identity Management as a Service (IdMaaS) and presents in this context the Microsoft’s identity offerings in the hybrid era.
The An overview of Azure AD whitepaper (An-overview-of-AAD.docx) further presents the capabilities that can be leveraged to centralize the identity management needs of your modern business applications, and your SaaS subscriptions, whether they are cloud-based, hybrid, or even on-premises. The free edition of Azure AD is a complete offering that can help you take advantage of your on-premises existing investment, fully outsource to the cloud your users (and devices) management and anything in between. For enterprises with more demanding needs an advanced offering, Azure AD Basic and Azure AD Premium help complete the set of capabilities that this identity and access management solution delivers.
In addition, the An overview of Azure AD B2C whitepaper (An-overview-of-AAD-B2C.docx) presents the new service for Business-to-Consumer: Azure AD B2C to embrace identity management (IDM) of individual consumers.
Similarly, the Introducing Azure AD B2B collaboration whitepaper (Introduce-AAD-B2B-collaboration.docx) presents the new feature Azure AD B2B collaboration that can be used with on the above editions to embrace identity management (IDM) of partner and supply chains, and manage Business-to-Business collaboration.
The Azure AD & Windows 10: Better together for Work or School whitepaper (Azure-AD-Windows-10-better-together.docx) introduces how Windows 10 Pro, Windows 10 Enterprise, and Windows 10 Education editions will enable a device to connect to your Azure AD tenancy to seamlessly access SaaS applications in the cloud and traditional applications on-premises, and all of that without needing the traditional WSAD domains on-premises if you want to. It depicts the related experiences whether you are cloud-only, hybrid or have an on-premises AD infrastructure as well as how to enable them.
The Azure AD/Office 365 single sign-on with AD FS in Windows Server 2012 R2 whitepaper in two parts (AAD-Office-365-Single-Sign-On-with-ADFS-in-Windows-Server-2012-R2-Part-1.docx, and AAD-Office-365-Single-Sign-On-with-ADFS-in-Windows-Server-2012-R2-Part-2.docx/AAD-Office-365-Single-Sign-On-with-ADFS-in-Windows-Server-2012-R2-Part-2bis.docx) provides an understanding of the different single sign-on deployment options with Azure AD/Office 365, how to enable single sign-on using corporate AD credentials and AD FS to Azure AD/Office 365, and the different configuration elements to be aware of for such deployment. It also provides an end-to-end walkthrough to setup an Azure-based lab environment to further familiarize yourself with both the installation and configuration of the related infrastructure. It notably features in this context Azure AD Connect and Azure AD Connect Health now in GA.
The AAD-Office-365-Single-Sign-On-with-ADFS-in-Windows-Server-2012-R2-(PS-Scripts) archive file contains the script New-TestLabEnvironment.ps1 referred in the whitepaper for building the Azure-based lab environment. This script illustrates how to leverage the remote Windows PowerShell capabilities along with the Windows Server automation with Windows PowerShell to setup the required virtual machines.
Likewise, the Azure AD/Office 365 single sign-on with Shibboleth 2 whitepaper (AAD-Office-365-Single-Sign-On-with-Shibboleth-2.docx) provides an understanding of how to enable single sign-on using corporate LDAP-based directory credentials and Shibboleth 2 with the SAML 2.0 protocol to Azure AD/Office 365, and the different configuration elements to be aware of for such deployment. It also provides an end-to-end walkthrough of the related setup and configuration.
The Leverage Multi-Factor Authentication with Azure AD whitepaper (Leverage-Multi-Factor-Authentication-with-AAD.docx) covers the Azure Multi-Factor Authentication paid offering and how to leverage it with Azure AD (Premium).
As an addition, the Leverage Multi-Factor Authentication Server on your premises whitepaper (Leverage-Multi-Factor-Authentication-Server-on-your-premises.docx) describes how to use Azure Multi-Factor Authentication Server and to configure it to secure cloud resources such as Office 365 so that so that federated users will be prompted to set up additional verification the next time they sign in on-premises. In order not to “reinvent the wheels”, this document leverages the instrumented walkthrough provided in the second part of the above whitepaper Azure AD/Office 365 single sign-on with AD FS in Windows Server 2012.
The Leverage Azure AD for modern Business Applications whitepaper (Leverage-AAD-for-modern-business-apps.docx) further presents the aspects that relates to the development of solutions. Azure AD offers to developers and cloud ISVs an identity management platform to deliver access control to their modern business applications, based on centralized policy and rules.
One of the major trends in the last few years has been a huge explosion in amount of data being generated by OLTP systems often coupled with the need to retain ever longer durations of historical data that needs to be made available for querying on demand. In order to meet customer needs in terms of data retention and performance, hosted database implementations had to choose between the following less than optimal options:
- expanding and managing local storage which led to increasing cost
- archive less frequently queried data into offline backup systems like tapes which prevents on-demand querying
- simply put in place more aggressive data retention policies that reduced the need for this data to be stored in the first place leading to data loss
SQL Server 2016 introduces a number of major capabilities which enable seamless scale-out of SQL Server for low cost storage which is available for anytime On-Demand querying using Azure. With Azure’s almost limitless storage, hosters can offer low cost hyper-scale benefits to their SQL Server implementations for their customers. In this document, detailed technical guidance is provided in the context of a customer scenario on how to implement a hyper-scale database offering. For the implementation, the following SQL Server 2016 capabilities are leveraged
- Stretched database and Azure Stretch database service
- AlwaysOn Availability Groups with asynchronous replica in Azure
- In-Memory ColumnStore
- Temporal Database
The following Guide explains these capabilities and also enumerate considerations that the Hosting Service Provider (HSP) database administrator has to keep in mind while implementing this offer.
Why Microsoft Azure Stack?
Microsoft Azure Stack is a new hybrid cloud platform product that enables your organization to deliver Azure services from your own datacenter to help you achieve more. Get the power of cloud services, yet maintain control of your datacenter for true hybrid cloud agility. You decide where to keep your data and applications—in your own datacenter or with a hosting service provider. Easily access public cloud resources to scale at busy times of the year, for dev-test, or whenever you need them. Only Microsoft builds and runs its own hyper-scale datacenters and delivers that proven innovation to your datacenter.