
Windows Azure Active Directory and Office 365 integration

In my company, we are using Office365 for our emails. In addition to this, we are using Windows Azure Active Directory to secure some applications.

Now I've been asked to create some kind of link between our users in Office 365 and Windows Azure Active Directory. The point would be to have some admin applications deployed and secured with WAAD but for which the users are the ones from Office365.

I've found lots of documentation on the web on how to sync directories but not really anything stating clearly that this is possible.

I'd like to insist on the fact that it is our own application that we'd like to secure like this.

Thanks

Georges asked Feb 18 '14 15:02




1 Answer

(Edit 2018-03-23: This answer was updated to reflect changes in the new Azure portal.)

The underlying directory for Office 365 is Azure Active Directory (Azure AD). This means that if you have an Office 365 account, you already have a directory -or "tenant"- in Azure AD.

In your case, I think what you want to do is move from securing your application with a different Azure AD tenant (under a different domain), to securing your applications with the tenant you got when you started using Office 365. The key here is to be able to get access to your Office 365 tenant from the Azure portal.

All you need to do is sign in to the Azure portal (https://portal.azure.com) with your Office 365 account (which, remember, is an Azure AD account), and head over to the "Azure Active Directory" blade. (Note: You do not need an Azure subscription in order to manage your Azure AD tenant in the Azure portal.)

Now you can go about adding and configuring apps to the Office 365 tenant so that you can use that tenant to secure your apps.

Extra: Since you've already started doing things with another Azure subscription (presumably your Microsoft Account, MSA --formerly LiveID--), you might be interested in transferring that Azure subscription to be owned by an account in your primary Azure AD tenant: https://docs.microsoft.com/en-us/azure/billing/billing-subscription-transfer

Philippe Signoret answered Sep 19 '22 15:09