Welcome to the IT World

Azure Manage Identities and Government Domain

Photo by Pero Kalimero on Unsplash

Azure Manage Identities and Government Domain

Technapple's photo
Technapple
·

3 min read

I am currently studying for AZ-104. These are points for me and other people who want to certify to keep in mind. (Keep in mind this will be the first section only). This is not written by a professional, this is written by a person who believes in being an ongoing learner. There are two main things I want to cover for this section that I liked and find intriguing. In addition, they were a bit confusing too.

  • Active Directory vs Azure Active Directory

  • How does Azure policy work? (Including JSON)

Active Directory vs Azure Active Directory

Definition Term from :

Active Directory Domain Services (AD DS) is the traditional deployment of Windows Server-based Active Directory on a physical or virtual server.

Azure Active Directory is Microsoft's multi-tenant cloud-based directory and identity management service.

Let me get this definition out of it, the main difference is that Azure Active Directory can act as an Identity solution. They drove this and made sure we understand that. There are other features such as Azure AD implementing HTTPS and HTTP communication while AD DS uses Kerberos. Here is more if you want to learn about Kerberos.

What I like about Azure Active Directory is how it works with everything else, especially the billing that is associated with it and the self-service password reset. I have worked as a helpdesk and this made it easier for our team. Enabling that saves a lot of time on our side.

Azure Policy

Definition Term:

Azure Policy is a service in Azure that enables you to create, assign, and manage policies to control or audit your resources.

So there is a specific area that confuses but Azure policies are used to enforce rules and compliance, apply policies at scale, perform remediation, and exercise governance. In addition, the main thing I love about it is the inventory audits. It makes my life easier.

The way you create it is unique for me it took a while to make sense.

Step 1: Create Policy Definitions - What you are trying to define what to examine in your environment

Step 2: Create Initiative definition - a set of policy definitions to help track the resources to the definition

Step 3: Scope the Initiative definition - Which resources are in scope

Step 4: Determine Compliance - evaluate the state of compliance for all your resources

When creating or editing your Azure policy. You will use something called JSON. What is JSON? JSON is a format to transport data and store it through a lightweight program. Here is what JSON looks like:

{"Age": "24"}

Now this is not a lesson in JSON but here is a brief background on it. You use JSON to define which computer or if the BitLocker is enforced through the Azure Policy. For example, you can say {"Bitlocker Policy": "Enforced"} JSON uses Key pair values and it is easily understandable.

This is what I learned in the first section, hopefully, it made sense. I used the AZ-104 learn sites. In addition, here are the links for the AZ-104:

https://learn.microsoft.com/en-us/training/paths/az-104-manage-identities-governance/

https://www.w3schools.com/js/js_json_intro.asp

Writing is not my forte but if anyone has any criticism or project ideas let me know. I will gladly listen to them and improve on them.

Azureintroductionjsonaz-104azure-active-directory