Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage Azure Active Directory roles – Study material – Part 1

Azure Active Dierctory Admin center - Add role to the user
Azure Active Dierctory Admin center - Add role to the user

Hi All,

Greetings for the day 🙂 LIFE IS BEAUTIFUL 🙂 I hope we all are safe 🙂 STAY SAFE, STAY HEALTHY 🙂

Recently, Microsoft introduced 4 new security certificates, today those are still in beta. Also these exams will not replace the current exams – AZ 500 and MS 500.

Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals (beta)https://docs.microsoft.com/…/certifications/exams/SC-900

Exam SC-300: Microsoft Identity and Access Administrator (Security exam beta)https://docs.microsoft.com/…/certifications/exams/sc-300

Exam SC-400: Microsoft Information Protection Administrator (Security exam beta)https://docs.microsoft.com/…/certifications/exams/sc-400

Exam SC-200: Microsoft Security Operations Analyst (beta)https://docs.microsoft.com/…/certifications/exams/sc-200

Please note these exams didn’t replace current security related exams – Az-500 and MS-500

Among above exams one of my favorite topic is Microsoft Identity and now there is separate exam related to this – Exam SC-300: Microsoft Identity and Access Administrator (Security exam beta). So thought to give shot. So started preparing and then of course as SHARING IS CARING, sharing study material as well.

Skills required for – Exam SC-300: Microsoft Identity and Access Administrator

  1. Implement an identity management solution (25-30%)
  2. Implement an authentication and access management solution (25-30%)
  3. Implement access management for apps (10-15%)
  4. Plan and implement an identity governance strategy (25-30%)

So today we will discuss 1st part – Implement an identity management solution and in this Configure and manage Azure Active Directory roles

So lets begin the show 🙂

What is Azure AD ?

  1. Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service (IAM)
  2. A directory – container for users, credentials and access rights
  3. Azure AD can sync with an on-premises directory via Azure AD Connect
  4. Azure AD helps our organization users to sign in and access resources in
    • External Resources => M365, the Azure Portal, other SAAS applications. It supports around more than 2,800 pre-integrated SAAS application such as Docusign, Zoom, Drupal, ServiceNow, Twitter, LinkedIn and so on. This list is ever growing
    • Internal Resources => Apps in our network or in Intranet

Audience of Azure AD

  1. IT Admins
    • Who manages Azure AD operations / features like managing users, managing Groups, setting conditional policies, managing authentication mechanisms for users like setting up MFA (Multi Factor Authentication)
  2. App developers
    • Azure AD helps to be used as standard based approach to enable features likes SSO
  3. Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers
    • Each Microsoft 365, Office 365, Azure, and Dynamics CRM Online tenant is automatically an Azure AD tenant

Azure AD Roles

  • Azure AD roles are used to manage Azure Resources in a directory such as user management (creating user / assigning roles to users / resetting password, managing licenses, domains and so on)
  • Different roles have different responsibilities
  • Following are key roles which I’ll lists hers
    • Global Administrator
      • Having full rights
      • Manage access to all administrative features in Azure AD
      • Assign administrative roles to other users
      • Reset password for all other users including administrators
    • User Administrator
      • Create and manage users
      • Create and manage groups
      • Manage support tickets
      • Monitor service health
      • Change passwords for users, Helpdesk administrators, and other User Administrators
    • Billing Administrator
      • Manage subscriptions
      • Manage support tickets
      • Monitor service health
      • Make purchase

To view all the available roles

M365 admin center - navigating to Azure Active Directory Admin center
Fig : M365 admin center – navigating to Azure Active Directory Admin center
  • We will be redirected to Azure Active Directory admin center portal as
Azure Active Directory admin center
Fig : Azure Active Directory admin center
  • Click on “Azure Active Directory” from left side pane and click on “Roles and administrators” as
Azure Active Directory admin center - Roles and administrators
Fig : Azure Active Directory admin center – Roles and administrators
  • Click on “Roles and administrators” from left blade as shown in above Fig. We will be redirected to “Roles and administrators” page as shown in below Fig
Azure Active Directory admin center - Roles and administrators
Fig : Azure Active Directory admin center – Roles and administrators

Assigning AD Roles to the users

  • To assign any roles as listed in above fig, we need to navigate to – user profile page
  • From left pane, please navigate to Users page as shown in below Fig
Azure Active Directory admin center - All users
Fig : Azure Active Directory admin center – All users
  • Once we are on given user profile page, from left pane we will navigate to – “Assigned roles” as shown in below Fig
  • Click on “Assigned roles” link, we will be navigated to – “Assigned roles” page as
Azure Active Directory admin center - Assigned roles to respective user
Fig : Azure Active Directory admin center – Assigned roles to respective user
  • On “Assigned roles” page current listing of roles assigned to users appears as shown in above Fig
  • We have an link available “+Add assignments” available. To add new role to the respective user, click on “+ Add assignments” option
  • We will be redirected to “Add assignments” page as
Azure Active Directory admin center - Assign new role to respective use
Fig : Azure Active Directory admin center – Assign new role to respective user
  • From “Add assignments” page select role which we want to assign, here we are selecting “Application Developer
  • Please have a look at other properties as per need like – Assignment type, Whether role need to assign permanently assign or for specific duration as shown in below Fig
Azure Active Directory admin center - Assign new role to respective user
Fig : Azure Active Directory admin center – Assign new role to respective user
  • At top right corner of the page we will have status message as shown in below Fig
Azure Active Directory admin center - Assign new role to respective user - status dialog
Fig : Azure Active Directory admin center – Assign new role to respective user – status dialog
  • Once role assigned to user we could see in it the list on “Assigned roles” page as shown in below Fig
Azure Active Directory admin center - Assigned roles to respective user
Fig : Azure Active Directory admin center – Assigned roles to respective user

Since this article is going long, I’ll stop here. In next article we will continue 🙂

Next Article : In next article we will discuss how to create custom roles and assign to the user

Thanks for reading 🙂 If its worth at least reading once, kindly please like and share 🙂 SHARING IS CARING 🙂

Share In Teams:

Enjoy the beautiful life 🙂 Have a FUN 🙂 HAVE A SAFE LIFE 🙂 TAKE CARE 🙂 

 

Prasham Sabadra

LIFE IS VERY BEAUTIFUL :) ENJOY THE WHOLE JOURNEY :) Founder of Knowledge Junction and live-beautiful-life.com, Author, Learner, Passionate Techie, avid reader. Certified Professional Workshop Facilitator / Public Speaker. Scrum Foundation Professional certificated. Motivational, Behavioral , Technical speaker. Speaks in various events including SharePoint Saturdays, Boot camps, Collages / Schools, local chapter. Can reach me for Microsoft 365, Azure, DevOps, SharePoint, Teams, Power Platform, JavaScript.

You may also like...

5 Responses

  1. March 13, 2021

    […] last article Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage A… we discussed about – What are Azure AD Roles, how to assign those roles to the user from […]

  2. March 14, 2021

    […] last two article Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage A… and Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and […]

  3. March 18, 2021

    […]  Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage A… […]

  4. March 19, 2021

    […]  Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage A… […]

  5. March 19, 2021

    […] Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage Azure Active Directory roles – Study material – Part 1 Preparing exam SC – 300 – Identity and Access Administrator – Associate Configure and manage A… […]

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: