This is the start of series of post which will explain installation and configuration of WAAD. In previous article I explain about the WAAD and its features. If you not read it yet you can find it here.

Windows Azure Active Directory (WAAD)

In this post I will demonstrate how we can do the WAAD initial setup. As explain on previous post Azure AD comes with 3 versions. Once you subscribed with required version, to setup log in to Azure Management Portal.

Then click on +New button on the left hand bottom corner.

Then go and click on App Services > Active Directory > Directory

Then click on Custom Create to create WAAD instance with your requirements.

Once click on it will open a form. In here “Name” field refer to the instance name. “Domain Name” should be unique name. Initially it create with .onmicrosoft.com extension. But later you can change it to domain name your organization already using.

Once these info are filed in click on complete button.

Once it’s complete it can see on the portal as active.

Then if you click on selected instance it will bring you to the page where you can configure the WAAD instance.

As the first configuration we need to add the domain to match with our existing organization. Because on setup it uses a name with .onmicrosoft.com extension. To do this click on domains tab.

Then once load click on “Add a custom domain”

In new wizard, put the domain name to match with local active directory domain. In here later i will configure SSO with local AD. So I selected that option too. Once information are type in click on add to continue.

Once it’s done it will list on the page. But as we can see here it’s not yet “verified” and set as “primary domain”. To do that we need to do the AD integration with local organization. In next post let’s see how we can do that.

If you have any questions about the post feel free to contact me on rebeladm@live.com

“Cloud”, the most common term now in IT, its everywhere . Companies which provides IT services bringing their products and services in to the cloud rapidly. “Hosting services” was the first industry affect with it and now its spread to even small companies, individual professionals. With introduce of everyday products like Microsoft office365 every one start to understand the benefits of the “cloud”. Some organizations are use their own private cloud while some are completely move in to public cloud services.

One of the main concern people had about cloud was how they can bring there infrastructure services, resources, applications without impact to productivity. For example most organizations uses Single-Sign-On (SSO) to reduce the complexity of the authentication and authorization process. After we move organization’s resources, products, services to cloud if SSO do not work it still preventing full benefits of the cloud in end user prospective. The same time it will make impact on productivity directly. This access control and authentication concerns are more applying in to “Hybrid Cloud” systems. In Hybrid cloud some resources, services, application will run on-premises and some will be run from public cloud or private cloud setup in data center. This is the most commonly used cloud model in industry.

One of the solution used to address this is federation services. But issue is not every application or products uses same standards, protocols for identity management. As we know most of available products supports integration with AD services. Even Microsoft gives relevant tools, techniques to succeed with SSO on application development. So if you have working infrastructure system with all company requirement, how you convince management to move in to cloud system which will needs to deal with identity and access issues?

Well, Microsoft has found the solution for this. “Microsoft cloud – Azure” and windows server 2012 allows to extend the active directory in to the cloud. It allows to use claim based authorization. We can use windows azure AD as the identity store for the hybrid cloud and easily integrate other systems such as web portals, email system, crm, non-Microsoft apps. Also it can sync with the on-premises windows server active directory using “DirSync (Windows Azure Active Directory Sync Agent)” with AD FS (Active Directory Federation Services).

In next posts let’s see how we can configure Azure AD and how it works with integration. If you have any question about post feel free to contact me on rebeladm@live.com

Image Source: http://blogs.technet.com/cfs-file.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-98-54-metablogapi/clip_5F00_image001_5F00_1E3725C4.png