Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.© Ingram Micro Inc.1

Azure Active DirectoryJorge D. Wong

Technical Account Manager – Microsoft Azure

October 11, 2017

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.2

• What is Azure AD?

• Identity Types

• Azure AD Domain Services

• Multi Factor Authentication

• Azure AD Editions

• Azure AD Ignite Announcements

Agenda

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.3

What is Azure AD?

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.4

• Cloud Identity

• Synchronized Identity

• Federated Identity

Identity Types

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.5

• Users are created and managed via Azure AD.

• No on-premises servers required.

• When to use it:

− You have no other on-premises user directory

− You have a very complex on-premises directory and simply want to avoid the work to integrate with it.

− You have an existing on-premises directory, but you want to run a trial or pilot of Azure AD. Later, you can match the cloud users to on-premises users when you are ready to connect to your on-premises directory.

Cloud Identity

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.6

• Accounts are synchronized from an on-premises directory.

• The user enters the same password on-premises as he or

she does in the cloud.

• This model uses a directory synchronization tool to

synchronize the on-premises identity to Azure AD.

• When to use:

− When you have an on-premises directory and you want to

synchronize user accounts and optionally passwords.

Synchronized Identity

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.7

• Same as Synchronized Identity but the user password is

verified by the on-premises identity provider.

• This model uses Active Directory Federation Services (AD

FS) or a third-party identity provider.

• When to use:

− You want users to provide their login credentials once.

− You have an on-premises integrated smart-card solution.

− You have other policies in place that require federated identity.

Federated Identity

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.8

• Integrates your on-premises directories with Azure AD

making your users more productive by providing a

common identity for accessing both cloud and on-premises

resources.

• Made up of three primary components:

− Synchronization Services

− Active Directory Federation Services

− Health Monitoring

Azure AD Connect

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.9

• Provides managed domain services such as domain join,

group policy, LDAP, Kerberos/NTLM authentication that

are fully compatible with Windows Server Active Directory.

• Integrates with your existing Azure AD tenant, thus making

it possible for users to log in using their corporate

credentials.

• Enables you to deploy your workloads in Azure

Infrastructure Services without having to worry about

maintaining your identity infrastructure.

Azure AD Domain Services

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.10

Is it right for you?

Feature Azure AD Domain Services 'Do-it-yourself' AD in Azure VMs

Managed service ✓ ✕

Secure deployments ✓ Administrator needs to secure the deployment.

DNS server ✓ (managed service) ✓

Domain or Enterprise administrator privileges ✕ ✓

Domain join ✓ ✓

Domain authentication using NTLM and Kerberos ✓ ✓

Kerberos constrained delegation resource-based resource-based & account-based

Custom OU structure ✓ ✓

Schema extensions ✕ ✓

AD domain/forest trusts ✕ ✓

LDAP read ✓ ✓

Secure LDAP (LDAPS) ✓ ✓

LDAP write ✕ ✓

Group Policy ✓ ✓

Geo-distributed deployments ✕ ✓

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.11

• Provides additional security by requiring a second form of

authentication and delivers strong authentication via a

range of easy verification options:

− Phone call

− Text message

− Mobile app notification

− Mobile app verification code

− Third-party OATH tokens

Azure Multi Factor Authentication

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.12

• Free

• Basic

• Premium P1

• Premium P2

Pricing details:

https://azure.microsoft.com/en-us/pricing/details/active-

directory/

Azure Active Directory

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.13

• Azure AD Premium P1

− Enterprise Mobility + Security E3

− Microsoft 365 Education A3

− Microsoft 365 F1 and E3

• Azure AD Premium P2

− Enterprise Mobility + Security E5

− Microsoft 365 Education A5

− Microsoft 365 E5

Alternative Bundles

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.14

• Pass Through Authentication (PTA) is now generally

available.

• Conditional Access Enhancements

• Azure AD Privileged Identity Management (PIM)

• Additional Identity types for B2B

Azure AD – Ignite 2017 Announcements

INGRAM MICRO Our Team Is Here To Help You

West Region

Amir Sedehi

Market Development Executive

(714) 382-4680

Mike O’Donnell

Channel Account Executive

Dynamics 365

(800) 456-8000 x67012

Leanne Chapin

Channel Account Specialist II

Platform

(800) 456-8000 x67156

Jill Idziak

Channel Account Specialist II

Cloud

(800) 456-8000 x66432

Evan Bould

Channel Account Specialist II

Cloud Branch K5 Only

(800) 456-8000 x66626

TBD

Channel Account Specialist II

Platform & Cloud, SMB

(800) 456-8000 xTBD

Central Region

TBD

Market Development Executive

(800) 456-8000 xTBD

Mike O’Donnell

Channel Account Executive

Dynamics 365

(800) 456-8000 x67012

TBD

Channel Account Specialist

Platform

(800) 456-8000 xTBD

Rob Gugliuzza

Sr. Channel Account Specialist

Cloud

(800) 456-8000 x65377

Evan Bould

Channel Account Specialist II

Cloud

Central: KS, OK, AR, TX, LA

(800) 456-8000 x66626

James Currey

Channel Account Specialist II

Central: ND, SD, NE, MN, IA,

WI, IL, MO, IN, KY, OH, MI, TN

(800) 456-8000 x67215

Kalie Michalski

Channel Account Specialist II

Platform & Cloud, SMB

(800) 456-8000 x67794

East Region

Dan Eyrick

Market Development

Executive

(800) 456-8000 x67376

Mike O’Donnell

Channel Account Executive

Dynamics 365

(800) 456-8000 x67012

Ray Sallaj

Channel Account Specialist II

Platform

(800) 456-8000 x67037

Jeff Fabin

Sr. Channel Account Specialist

Cloud

(800) 456-8000 x65360

James Currey

Channel Account Specialist II

Cloud Y2 Only

(800) 456-8000 x67215

Casey Woodlock

Sr. Channel Account Specialist

Platform & Cloud, SMB

(800) 456-8000 x66977

Microsoft Specialists

Talia Love

Sales Supervisor

Surface

Chuck Hayes

Sr. Channel Account Specialist

Surface

Patrick Flatley

Market Development Specialist

Surface

Technical Experts

David Priebe

Microsoft Technical Solutions Engineer

Rick McClive

Technical Account Manager -

Microsoft Azure

(800) 456-8000 x66569

Jorge Wong

Technical Account Manager -

Microsoft Azure

(800) 456-8000 x66219

SPLA

Danielle Huegel

Sr. Channel Account Specialist

– SPLA

(800) 456-8000 x67294

KatieLynn Meyers

Channel Account Specialist II

SPLA

(800) 456-8000 x67767

ND

SD

NE

KS

MN

IA

MO

MI

IN OH

KY

TN

WI

IL

OK AR

LATX

WA

OR ID

MT

WY

NV UT CO

AZ NM

MS AL

FL

GASC

NC

WVVA

MDDE

NY

VTNH

CTRI

ME

MA

PA

NY

SoCal

NorCal

HI

NJ

Confidential and proprietary information of Ingram Micro Inc. – Do not distribute or duplicate without Ingram Micro’s express written permission.

Microsoft Licensing Desk:

Microsoft-

licensing@Ingrammicro.com

800-456-8000 x 76163

Cloud One-Stop Team

For all your Microsoft Cloud

needs email:

Microsoft-

Cloud@ingrammicro.com

Microsoft Pre-Sales Technical Support

(800) 445-5066 x76291

Deliver the Modern Workplace:

30 DAYS FREE on select Microsoft CSPDid you know? Ingram Micro has delivered this promotion to partners for the last

three quarters and paid out over $1,000,000 in 2017 thus far. This number will

continue to grow, so be sure you’re one of the partners earning credit.

Receive the first 30 Days FREE for all net new seats of:

• Microsoft 365 CSP Business

• Microsoft 365 CSP Enterprise

• Office 365

• Enterprise Mobility + Security

• Dynamics 365 for Financials

• Dynamics 365 for Team Members

• Windows 10 Enterprise Subscription (WES)

Grow the Intelligent Cloud:

30% OFF all new Azure CSP tenantsDid you know? Partners that participate in Ingram Micro’s

Azure promotion deploy new tenants 50% faster than their

peers!

Promotion T&Cs:• Final day to register is 12/27/17. Final eligible date to earn is 12/30/17.

• Must be registered to earn, IE: Register on 10/16/17, all orders placed on that date forward will qualify for credit.

• All net new seats (O365,D365 for Financials, EM+S, WES) must stay with Ingram Micro for at least 18 months.

• Only monthly SKUs apply

• One-time project based does not qualify.

• Credit will be issued as an Ingram Micro Cloud Marketplace credit within 90 days of promotion ending.

• Microsoft qualified SMB customers only; no major accounts.

• Promotion may change or end without notice.

Questions? Contact Us:

Microsoft-Cloud@ingrammicro.com

Register for Promo

Earn BIG and Maximize Profit with Microsoft CSPIngram Micro Exclusive

Let’s say the

tenant is

created on

10/16/17

Tenant consumes usage over the first month and

Ingram issues an invoice for the consumed usage

between 11/16/17 – 1/30/18.Credit

issued:

$73530% off

Nov Dec Jan Total Invoice

$700 $800 $950 $2,450

Earn a credit of 30% OFF your first quarter’s worth of Azure consumption

(invoiced between 11/9/17 and 1/30/18) for all new tenant subscriptions. Must be

registered before the tenant is issued to qualify.

Make it real:

Sign up and earn:

Oct 9 – Dec 30, 2017

Bite Size Azure Series

Featuring Jason Lambert,

Cloud Technical Consultant

for Microsoft Azure at

Ingram Micro

Jumpstart your Azure proficiency with Ingram Micro Cloud.

Bite Size Azure is a series of quick sales and technical videos

addressing overviews, frequently asked questions, and best

practices to make Azure easier to digest.

These short videos focus on a range of topics including:

What is Microsoft Azure?

Microsoft Azure Open vs CSP

I purchased Microsoft Azure through Ingram Micro, now

what?

Microsoft Azure Calculator General Overview

Microsoft Azure CSP Process Doc

..and many more!

https://www.youtube.com/user/IngramMicroServices/playlists

LEARN MORE AT

BITE SIZE AZURE

Are you ready to accelerate your Azure practice?

Get a jump start with the Azure Acceleration Kits.

The Azure Acceleration Kits include:

Free 30-Days Advanced Support from Microsoft

Free migration and assessment services

Ingram Micro “Easy Azure” configuration guides

Lucrative promotions and discount offers

Sales and technical in person and virtual workshops

IaaS expert led 1:1 consulting and trainings

Azure Acceleration Kits

Easy Azure Starter KitAre you ready to get started with IaaS

but aren’t quite sure how? Or do you

need a simple service like backup?

Azure Enablement KitLearn not just the “how” but the “why”

and the “when” to incorporate an IaaS

solution like Azure into your business.

Azure Expert KitEngage a team of Azure technical experts and

post-sales solutions architects. Advanced

Support for Partners, migration/assessment

promotions, VIP training, and consult services

are all included.

Get started at the Azure Expert Zone:

http://www.ingrammicrocloud.com/microsoft/

What’s Your Altitude in the Cloud?

The 2112 Group, Ingram Micro Cloud, and Microsoft

have formed an alliance to deliver to partners like

you a new tool for understanding your relative

competitive state in the cloud computing market.

What will you gain from the Cloud Altimeter

assessment?

Actionable insights and analysis on your state of

cloud readiness

Understanding of your relative competitive

position in the marketplace

New cloud development strategies to increase

cloud services performance and generate higher

returns on investmentTake Your Assessment

Microsoft MicrositeWe are pleased to announce our newly

revamped microsite solely dedicated to

all things Microsoft!

Our new Microsoft Microsite includes:

• Upcoming webinars and past webinar

recordings/ presentation decks

• Partner promotions

• Event information such as Ingram Micro ONE,

Cloud Summit, and Microsoft Inspire

• Information on programs such as Azure Starter

Kit and the Cloud Referral Program

http://www.ingrammicrocloud.com/microsoft/

21Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.21