Microsoft Azure Administrator AZ 104 Day-4 Session Tamil | Azure Active Directory overview Entra ID
Overview of Azure Active Directory
Introduction to Azure Active Directory
- The session begins with an overview of Azure Active Directory (AAD), emphasizing its importance for users who have recently subscribed to the service.
- AAD is described as a database that stores user information, which can be activated and referred to as a "tenant," representing an organization or company.
Understanding Tenants and Domains
- When subscribing for the first time, users receive a default domain in AAD, typically formatted as something like "microsoft.com."
- Users are instructed on how to log into the Azure portal where their user information will be stored within AAD.
Logging into Azure Portal
- To access the Azure portal, users must be part of the active directory; only members can log in successfully.
- Upon subscription, a default tenant domain is assigned automatically, allowing users to utilize their active directory effectively.
Navigating User Management in AAD
Accessing User Information
- Users are encouraged to share their screens during the session for better understanding while discussing AAD functionalities.
- Microsoft Entra ID is highlighted as essential for accessing various features within the Azure portal.
Creating and Managing Users
- The process of creating new users involves navigating through specific menus in AAD where existing user accounts can also be viewed.
- Participants are guided on how to find their principal name and other relevant details about their accounts within the system.
Organizational Structure and User Creation
- The discussion emphasizes that AAD functions as a database for organizations, where new user accounts need to be created when onboarding new employees.
- Instructions are provided on how administrators should create accounts for new team members by assigning necessary credentials such as usernames and passwords.
User Account Creation Process
Introduction to User Principal Name
- The speaker introduces the concept of a user principal name, explaining that it is linked to their full name and used for account identification.
- Emphasizes the difference between the display name (full name) and the user ID, noting that the user ID is typically shorter.
Password Setup Options
- Discusses two options for password creation: manually setting a password or allowing an auto-generated password.
- Highlights that users can choose to customize their passwords by unchecking the auto-generate option.
Best Practices for Password Creation
- Advises on best practices for creating secure passwords, suggesting they should include capital letters and numbers.
- Mentions that accounts must be enabled before proceeding with further steps in the setup process.
Filling Out User Properties
- Instructs users to fill out various properties such as first name, last name, job title, company details, employee ID, and department during account creation.
- Suggests leaving some fields blank initially if unsure about what to enter.
Error Handling During Account Creation
- Addresses potential errors during account creation related to validation files and missing information.
- Warns against using weak or commonly used passwords which may lead to rejection during setup.
Finalizing Account Creation
- Encourages users to review their inputs before finalizing account creation and reminds them of the importance of remembering their new password.
- Confirms successful account creation within the company's domain after all steps are completed.
Logging into Azure Portal
- Describes how newly created accounts can log into Azure portal using their assigned user ID and password.
- Explains that upon first login, users may need to reset their passwords due to security protocols set by Microsoft.
Microsoft Authenticator and Azure Portal Login Process
Introduction to Microsoft Authenticator
- The speaker introduces a random password for authentication, indicating the need for an action requirement in the next steps.
Setting Up Microsoft Authenticator
- A new Microsoft Authenticator app has been launched, which users must install on their mobile devices for first-time login. Without a mobile phone, admin login to the Azure portal is not possible.
- Users are required to set up their accounts within 15 days due to two-factor verification requirements. The process involves scanning a QR code with the installed Microsoft Authenticator app.
Logging into Azure Portal
- The speaker mentions having already installed the Microsoft Authenticator app and prepares to log in by locating the QR code.
- After scanning the QR code with their phone, they receive a PIN displayed as "33" that needs to be entered for successful login.
Completing Account Setup
- The speaker explains that after entering the PIN and receiving notification approval, they can complete their account setup before logging into the Azure portal.
Accessing Azure Portal
- Successfully logged into the Azure portal, confirming membership in a company’s database through an existing account created by an admin.
Understanding Active Directory Integration
- Discussion about using Microsoft's Active Directory; if users are already members of a company, they do not need to sign up again but can directly sign in.
Admin Account Creation Insights
- Clarification that all accounts were created by an admin within Active Directory. The speaker plans to explore subscription services available in Azure.
Subscription Access Issues
- While attempting to open subscriptions, access issues arise as alerts indicate no visibility of subscriptions despite prior purchases made by parent accounts.
Exploring Active Directory as Guest User
- The speaker logs into Active Directory as a guest user and confirms access rights based on domain ownership. They can view details related to active directory users.
Identifying User Roles Within Active Directory
- Two users are identified within this specific Active Directory context. Their roles are discussed concerning permissions granted from root admin identities.
Creating New User Accounts
- Challenges arise when trying to create new user accounts due to disabled options indicating insufficient permissions or rights within this restricted area of Active Directory.
Summary of Key Concepts Discussed
- Overview of how user creation works within an active directory environment is provided along with insights on necessary permissions for performing actions effectively.
Understanding Active Directory Privileges and Roles
Overview of Active Directory Privileges
- The discussion begins with the importance of understanding the privileges associated with Active Directory (AD) for effective usage.
- Access to AD is crucial, and it is emphasized that technical access requires specific roles or privileges defined within Azure Active Directory (Azure AD).
- New users must be assigned a set of roles to perform actions within Active Directory; without these assignments, they cannot interact effectively with the system.
Role Assignments in Azure Active Directory
- Companies typically restrict access to AD privileges due to the sensitive nature of user data stored within.
- It is essential for users to understand how to access and utilize these privileges properly, as only assigned roles allow interaction with AD activities.
- A limited number of key roles are highlighted as frequently used, suggesting a focus on practical application rather than exhaustive knowledge.
Specific User Roles and Their Functions
- An example role assignment is discussed where a user named Vishnu Priya has been granted owner privileges, indicating their significant responsibility in managing organizational resources.
- The process for checking assigned roles through the portal is outlined, emphasizing transparency in role management.
Global Administrator Role Insights
- The Global Administrator role allows comprehensive management across all aspects of Microsoft Entra ID and services utilizing this identity framework.
- This role's definition includes capabilities such as managing everything within Azure AD, highlighting its critical importance in organizational structure.
Limitations Without Assigned Privileges
- Users without specific privileges can only view information but cannot create new users or perform other administrative tasks due to restrictions placed on their accounts.
- The inability to create new users stems from being logged into an account lacking necessary permissions, which are currently disabled.
Exploring Available Roles in Active Directory
- A variety of roles exist within Active Directory; clicking on options reveals a list that helps identify what each role entails.
- Default user roles are mentioned, noting that many do not come with additional privileges beyond basic identification as a user.
User Administrator Role Assignment
Importance of User Administrator Role
- The User Administrator role must be assigned to manage security effectively, especially when new team members join.
- A global administrator oversees the initial assignment of roles to ensure proper access and security measures are in place.
Risks of Improper Role Assignment
- Assigning the Global Administrator role to 10 members can lead to significant security risks, as they have extensive control over Active Directory tasks.
- Mistakes by any member with this role could result in critical deletions or unauthorized changes within the system.
Application Development Access
- Members involved in application development do not require access to all areas; their focus should be limited to necessary permissions for their tasks.
- Only specific privileges related to application development should be assigned, avoiding unnecessary access that could compromise security.
Maintenance Responsibilities
- It is essential for designated users to maintain user details without needing broader network or antivirus access.
- Properly defining roles ensures that only relevant privileges are granted, minimizing potential misuse.
Active Directory Roles and Privileges
Specific Role Assignments
- Users need only the privileges necessary for maintaining user details and performing specific administrative tasks without excess authority.
Conceptual Framework for Role Assignment
- The concept behind assigning roles is based on profiles derived from interviews, ensuring that responsibilities align with individual capabilities and job functions.
Understanding Azure Active Directory Roles
Types of Roles Available
- Various built-in roles exist within Azure Active Directory, including Application Administrators and Network Administrators, each serving distinct functions.
Managing User Groups
- The User Administrator role allows management of all aspects related to user groups, including password resets and account maintenance.
Role Assignment Process
Steps for Assigning Roles
- The process involves creating a new user and subsequently assigning them appropriate roles based on their job requirements.
Azure Role Assignment Process
Creating a User Account
- The process begins with creating a user account for Sharmila, assigning the "User Administrator" role to her.
- It is emphasized that the screen sharing should be done by the participant to gain hands-on experience in creating a new user.
- The speaker mentions that they cannot create accounts due to lack of assigned roles but instructs on how to proceed with Sharmila's account creation.
Password Management
- A temporary password will be auto-generated for the new user, which must be noted down as it will be required during the first login.
- The importance of resetting the password upon first login is highlighted, ensuring security protocols are followed.
Filling Out User Information
- Participants are guided on filling out necessary details such as job title, company name, department (Azure Cloud), and employee ID during account setup.
- Additional personal information like mobile number and email address can also be provided at this stage.
Understanding Organizational Structure
- The speaker explains that this process reflects how users are created within an organization and emphasizes understanding these parameters for future reference.
- It's clarified that no sensitive information needs to be shared at this point; it's primarily about personal information collection.
Role Assignment Process
- After creating a user, roles need to be assigned. The "User Administrator" role is specifically mentioned as essential for Sharmila.
- Instructions are given on how to search and select the appropriate role from available options in Azure.
Finalizing User Creation
- Once all parameters are confirmed correct, participants are instructed to finalize the creation of Sharmila's account.
Accessing Microsoft Portal
- Users must enter specific URLs correctly when accessing their accounts; incorrect entries lead to errors.
Two-Factor Authentication Setup
- Emphasis is placed on setting up two-factor authentication using Microsoft Authenticator app for enhanced security during login processes.
How to Use the QR Code for School Account Access
Scanning the QR Code
- Open the application and scan the provided QR code. Ensure you select "School Account" or "Work Account" when prompted.
- After scanning, confirm that your account is authenticated by checking if it successfully logs into the school portal.
Authentication Process
- If authentication is successful, you will be prompted to enter your password. If you have forgotten it, use the reset option available.
- Once logged in, navigate to the home tab by clicking on "Home."
Accessing Microsoft Azure
- Click on Microsoft Azure from the home options to access your account settings and roles assigned.
- Check under Active Directory for user roles; ensure that you are assigned as a User Administrator.
Managing Users in Active Directory
- The system displays three users currently active. Review their roles under "Roles and Administrators."
- To create a new user, click on “User Creation” and follow prompts to assign necessary permissions.
Creating Guest Access for External Users
- For temporary access needs (e.g., clients), consider creating guest accounts instead of full user accounts.
- Grant external permissions using existing email addresses (like Gmail or Outlook). This allows them limited access without needing a full account setup.
Inviting External Users
- Navigate to “New User” and select “Invite External User.” Enter their email address for access.
- Provide a display name during this process before finalizing their invitation.
User Role Assignment and Access Management
Understanding User Roles and Invitations
- The speaker discusses the process of assigning roles to users, specifically mentioning the "Guest User" role. They clarify that they are currently a guest user due to an invitation linked to their external ID.
- The speaker requests a specific role assignment, asking for the "Global Administrator" role, indicating confidence that it can be granted.
- After selecting the appropriate role, the speaker emphasizes the importance of receiving an email notification confirming their new role as a Global Administrator.
Email Confirmation and Acceptance Process
- The speaker explains that upon receiving the invitation email, they will need to accept it in order to start working within the system.
- They confirm receipt of an invitation email from their organization’s default directory, which allows access to applications within that organization.
Switching Directories and Active Directory Membership
- Upon accepting the invitation, the speaker notes they will become a member of the active directory associated with their organization.
- They describe switching directories within their account settings to access resources from another organization while maintaining membership in both directories.
External User Management Insights
- The speaker clarifies how external user invitations work when they already belong to another directory but receive an invite from a different organization.
- They explain that once accepted, they can switch back and forth between directories based on where they need to work at any given time.
Overview of Current Users in System
- The speaker mentions there are four users listed in total: three regular users and one guest user (themselves), highlighting how this setup is managed under Microsoft accounts with global administrator privileges.
- They conclude by discussing what being a Global Administrator entails—specifically having full privileges for managing users and creating new accounts within their organizational structure.
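The role-assignment risks covered in the session (too many Global Administrators, developers holding more than their task needs, and a guest account granted Global Administrator) can be checked mechanically. The following is an added example, not part of the session; the record fields, the sample accounts and the threshold of two Global Administrators are assumptions.

```python
# Added example: least-privilege audit of directory role assignments.
# Record fields and policy values below are assumptions, not an Entra ID export format.

GLOBAL_ADMIN = "Global Administrator"

# Assumed policy: the narrowest built-in role each job function needs.
NARROWEST_ROLE = {
    "User maintenance": "User Administrator",
    "Application development": "Application Administrator",
}

# Constructed sample data (not from a real tenant).
ASSIGNMENTS = [
    {"upn": "root@example.onmicrosoft.com", "user_type": "Member",
     "function": "Tenant owner", "role": GLOBAL_ADMIN},
    {"upn": "sharmila@example.onmicrosoft.com", "user_type": "Member",
     "function": "User maintenance", "role": "User Administrator"},
    {"upn": "dev1@example.onmicrosoft.com", "user_type": "Member",
     "function": "Application development", "role": GLOBAL_ADMIN},
    {"upn": "client_gmail.com#EXT#@example.onmicrosoft.com", "user_type": "Guest",
     "function": "External client", "role": GLOBAL_ADMIN},
]


def audit(assignments, max_global_admins=2):
    """Return (code, detail) findings for risky Global Administrator grants."""
    findings = []
    admins = [a for a in assignments if a["role"] == GLOBAL_ADMIN]
    if len(admins) > max_global_admins:
        findings.append(("TOO_MANY_GLOBAL_ADMINS",
                         f"{len(admins)} holders, policy allows {max_global_admins}"))
    for a in admins:
        # A guest is an external identity; full tenant control should stay internal.
        if a["user_type"] == "Guest":
            findings.append(("GUEST_GLOBAL_ADMIN", a["upn"]))
        # A narrower built-in role already covers this job function.
        narrower = NARROWEST_ROLE.get(a["function"])
        if narrower:
            findings.append(("OVERPRIVILEGED",
                             f"{a['upn']}: {narrower} covers this job function"))
    return findings


if __name__ == "__main__":
    for code, detail in audit(ASSIGNMENTS):
        print(f"{code}: {detail}")
```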