CHAPTER 4 | Security and identity
Figure 4-7: Azure AD Join
Here are some of the benefits that come with Azure AD today:
Availability of modern settings
On any device connected to a Windows domain or joined to an Azure AD tenant, you can now use your corporate credentials to access settings such as the following:
- Roaming or personalization, accessibility settings, and credentials
- Backup and restore
- Access to the Windows Store with your corporate credentials
- Live tiles and notifications
Access organizational resources
You can now grant access to corporate resources on any device that traditionally can’t be domain joined.
Single sign-on (SSO)
Provide SSO capabilities to Microsoft Office 365, internal resources, Software as a Service (SaaS) solutions, and so on.
Bring Your Own Device (BYOD) equipment
On personal devices that need access to corporate resources, you can now specify a work account through which to access those resources, subject to new technologies like Conditional Access.
MDM integration
Lets devices in the BYOD scenario become corporate-controlled resources through automatic enrollment in your Mobile Device Management (MDM) solution, such as Microsoft Intune.
Kiosk mode for multiple users
You can configure a device in kiosk mode so that many users can interact with a single modern app; for example, a sign-in application at the reception area of an enterprise.
Developer experience
Lets your developers build applications that can cater to business and personal uses on a single stack.
Imaging
Give further control to the end users to accept the corporate image or allow corporate policies to
be configured during the first-run experience.
Although these are all great features, why should you suddenly begin to adopt Azure AD Join?
Actually, there can be a variety of reasons, depending on what type of organization you are in. For example, if yours is a startup organization with a large mobile footprint, providing users with the ability to use their own laptops or personal machines that can connect to Azure AD Join would save time and effort for the roll-out of a corporate policy. This would even hold true for more mature organizations in relation to new markets that they want to penetrate and the difficulty they might have in sending machines from corporate to the remote offices. Another possibility would be around educational institutions and cloud email solutions such as those offered as a part of Office 365. These institutions can manage all users in Azure AD and provide access to cloud email and control access to other resources like Microsoft SharePoint Online.
Finally, it is important to highlight not only the variations between the different methods and how users will be affected, but also what they will be able to do. Table 4-1 lists some of the key differences.