Azure ad for office 365. In a previous post i talked about the different oauth2 flows supported in azure ad for office 365 apis. Overview of deploying office 365 directory synchronization in azure. Theres the authorization code grant flow that i think is the most common in that when you login you get a code that can be used to. The following diagram shows azure ad connect running on a virtual machine in azure the directory sync server that synchronizes an on premises windows server ad forest to an office 365 subscription.
Microsoft has released group based license management for office 365 customers via azure active directory to simplify complex licensing scenarios. When we were upgraded previously from the 2007 series of software to the 2010 series i had to make some changes to ad groups so they wouldnt show up in microsofts bpos admin portal. With the ga of planner microsoft added the ability within azure ad powershell to control who can create office 365 groups. That post outlined three different authentication flows.
After the azure ad module is installed you can connect to your office 365 tenant by running the connect azuread cmdlet and then entering your admin credentials when prompted. Provides a comprehensive list of symptoms and their solutions. With solutions such as azure ad and office 365 becoming more common as a source of an organisations identity on the internet it can be useful. A good deal of our customers synchronize their identities from an on premises active directory.
Ah the authentication dance. To be clear this isnt really about office 365 or the office 365 apis but they rely on azure ad for authentication. Azure ad connects organization of all sizes to office 365 and other saas applications in a seamless and secure manner.