Lab-4 Manage Azure Active Directory Identities with Dynamic Membership

AMIT KUMARAMIT KUMAR
4 min read

Tasks

  • Task 1: Create and configure Azure AD users.

  • Task 2: Create Azure AD groups with assigned and dynamic membership.

  • Task 3: Create Azure AD tenant.

  • Task 4: Manage Azure AD guest users.

Task 1: Create and configure Azure AD users.

  1. Go-to Azure portal and search “Azure Active Directory”

  2. Click on the Users » Select your user account » Properties » Click on the edit

  3. After this click on the settings » Make sure Usage Location is selected then close the tab.

Create New Users (Cloud/System Administrator)

  1. Click on the Users » New User » Username=User1 » Make sure usage location is same for the all users » Job Title=Cloud Administrator » Dept=IT » Create

  2. Click on User1 » Assigned roles » Add Assignment » User Administrator » Add

  3. Login on the azure portal using User1 credential & click on Azure Active Directory » Users » Create new User2 » Usage Location » Job Title=System Administrator » Dept=IT » Create.

    Now close the user1 portal and come back on admin portal again.

Task 2: Create Azure AD groups with assigned and dynamic membership.

  1. Login the Azure portal » Azure Active Directory » Click on License » Click on Try/Buy » Azure AD Premium P2 » Free Trial » Activate

  2. Go back on the License page » Refresh » Select Azure Active Directory Premium P2 » Click on Assign » Add users and groups » Select all the users (Admin, Cloud Admin, System Admin) » Select » Review Assignment Option » Review & Assign » Assign

Creating the group: IT Cloud Administrator

  1. Click on the Search » Azure Active Directory » Groups » New Group » Group Type=Security » Group Name=IT Cloud Administrator » Membership Type=Dynamic User » Dynamic User Member » Add dynamic query

    Dynamic membership rules » Property=JobTitle » Operator=Equals » Value=Cloud Administrator » Save » Create

Creating the group: IT System Administrator

  1. Click on the Search » Azure Active Directory » Groups » New Group » Group Type=Security » Group Name=IT System Administrator » Membership Type=Dynamic User » Dynamic User Member » Add dynamic query

  2. Dynamic membership rules » Property=JobTitle » Operator=Equals » Value=System Administrator » Save » Create

Creating the group: IT Lab Administrator

  1. Click on the Search » Azure Active Directory » Groups » New Group » Group Type=Security » Group Name=IT Lab Administrator » Membership Type=Assigned » Members » No member selected » Select both groups which we have created above

    Add Members » Select both Group(IT Cloud/ System Administrator) » Select » Create

Verify the Members which is added in groups

  1. Click on the IT Cloud Administrator group » Members » we can see User1

  2. Same we can verify the members in all the groups

Task 3: Create an Azure AD tenant.

  1. Azure Active Directory » Overview » Manage tenant » Create tenant » tenant type » Azure Active Directory » Next-Configuration » Organization name = VDI Labs » Initial domain name = vdisolution.onmicrosoft.com » Country/Region » Review & Create » Create

Once you are click on the link you have redirected to your new tenant “VDI Labs”

Task 4: Manage Azure AD guest users

Now we are going to create new users on the newly created tenant “VDI Labs”

  1. Azure Active Directory (Make sure VDI Labs tenant selected) » Users » New user » Create user »

    Name → LabUser1

    Username → LabUser1@vdisolution.onmicrosoft.com

    Let me create the password » Usage Location »

    Job Title→ System Administrator » Dept » IT » Create

  2. Click on the LabUser1 » Copy the user principle name » Click on the settings icon

After click on the switch option the tenant account will switch to VDI Labs to default tenant

Inviting a guest user

Azure Active Directory (Default Tenant) » Users » New user » Invite external user »

Name → LabUser1

Email → LabUser1@vdisolution.onmicrosoft.com » Usage Location » Job Title » Lab-Administrator » Dept » IT » Invite

Click on the all users » Select LabUser1 » Groups » Add membership » IT Lab Administrators » Select

Now all the configuration has been done !! Thanks

0
Subscribe to my newsletter

Read articles from AMIT KUMAR directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AzureCloud ComputingCloudActive DirectoryAzure ADazure-devopsIAM

Written by

AMIT KUMAR
AMIT KUMAR

Hello, I am Amit and working as "Assistant Project Manager in Cloud Service Delivery Department, specializing in efficient cloud solution deployments and team coordination. Passionate about leveraging cloud technology to drive project success and empower clients in their digital transformation." With 6 years of experience in the IT industry, I bring strong technical expertise in cloud services, system administration, and troubleshooting. My skills include: Microsoft Azure Amazon Web Services (AWS) Windows Server Active Directory Python, Django, MySQL Desktop Troubleshooting Software & Hardware Troubleshooting IT Support Technical Support etc. I'm passionate about continuous learning and always eager to explore emerging technologies to enhance IT solutions and client satisfaction. Thanks