Azure AD and AD FS Identity Solutions with John Craddock
An internationally acknowledged master of identity management is ready to teach you! Get the chance to learn from and get inspired by a senior expert in the area of Microsoft based identity management with Active Directory (AD), AD Federation Services (AD FS) and Azure AD.
The Masterclass is a high-energy, action packed event, crammed with solid information and tips. John Craddock will help build your knowledge and consolidate your new skills with over 37 hands-on labs.
Discover how the identity solutions offered by Azure Active Directory, on-premises AD FS and AD will help you build identity systems for the future using protocols that include OpenID Connect and OAuth 2.0. You will learn how to authenticate and provide authorization factors to applications that can be located on-premises or in the cloud. The source of identity of the users could be from you own corporate network, your Azure AD domain, a partner organization and/or a social identity provider such as Facebook or Google.
The class provides detailed learning through the extensive use of hands-on labs. Attendees will not only learn the fundamentals and principles, but also learn how-to deploy and troubleshoot the solutions. In-depth learning will be gained through the use tools, such as Fiddler, to analyse and understand the protocol flows.
Target Audience and Prerequisites
The class is primarily aimed at IT professionals. However, application developers who are tasked with integrating authentication and authorisation with Microsoft Azure and/or on-premises AD FS will greatly benefit from the detailed coverage. Code development is not included in the class, but you will learn about all of the configuration requirements.
To gain the maximum from this class and the hands-on labs, you will need hands-on system administrator’s skills. For example you will need to know how to:
- Create and manage groups, OUs and group policies in on-premises AD
- Perform basic server/DC troubleshooting (for example check if a service is running, and restart it)
- Add a DNS record
- Add an URL to a browser’s Intranet zone
The course is given in English.
Comments from previous students
"I believe this is the most useful course I have ever attended! John is very good at conveying the concepts and it is easy to see that he has solid knowledge and experience. He is also really taking the time to explain, not just rushing through hundreds of slides. Also, very many hands-on labs which was very good."
"Best training class ever!...I'm VERY satisfied."
"Fantastic training, better structure and execution than any training I have attended in years."
"Excellent class; fully packed with information that is spot on and very useful hands-on labs. We are amazed!"
"John is easy to listen to and has lots of knowledge on the subject! This is probably the best course I’ve had. Time well spent! "
"John is very knowledgeable and makes the course easy to follow. After completing the class, I really feel I have in-depth knowledge about how these aspects of Azure really work and operate. Having Limited experience working With Azure, I already feel that my knowledge now exceeds what more experienced consultants claim to know."
"I really appreciate John as a trainer. He really manages the area fully. The course really opened my eyes, and we will make changes in our company environment."
After a comprehensive introduction to today’s identity challenges and solutions you will learn the details of the authentication protocols. This in-depth coverage of the protocols will allow you troubleshoot any problems you may encounter when deploying solutions. As we go through the hands-on labs you will be expected to troubleshoot any problems you may encounter.
After completing our investigation of the protocols, you will learn how to configure the Azure Active Directory to meet your requirements. You'll discover how to manage the Azure AD through the Azure Portal, using PowerShell and the GraphAPIs. After adding custom domains and branding to your Azure AD, you will see how to enhance security and the user experience using role based access control, self-service password resets, MFA and Azure AD Identity Protection.
You will start the day by deploying Azure AD Connect to synchronize on-premises AD users to Azure AD. We will then investigate pass-through authentication and the new SSO capabilities provided by Azure AD Connect. You will learn about the SSO capabilities of Windows 10 when it is joined to Azure AD and how Windows Hello can eliminate the need for passwords.
At this stage, we have a solid identity infrastructure and now it's time to make applications available to our users.
You will start by deploying a SaaS app to your users; configuring groups, assignments and self-service application management. You will then deploy your own applications into Azure AD using both WS-Federation and OpenID Connect / OAuth 2.0.
The day start by diving deeper into the application model and learning about managing permissions, roles, groups, delegation and consent. You will discover how to turn your application into a multi-tenant app and make it available to all users from all Azure AD tenants. You will the go on to work with the Azure AD Application Proxy to publish applications to the Internet. We will end the day by configuring AD FS and the Web Application Proxy on Server 2016.
As we now have AD FS operational, the day starts by using Azure AD Connect to establish federated SSO for our on-premises AD users. You will then learn about managing AD FS claims and how to configure an OpenID Connect / OAuth 2.0 application to work with Azure AD. We will then stretch our boundaries and see how Azure AD can open access to consumers (B2C) and businesses (B2B).