What better birthday present could I have from Microsoft than to read Alex Simons blog post. Azure AD administration is in preview in the new portal. Hooray! To explain why this is so important and such a bit thing I need to outline a little bit of Microsoft Azure history.
First there was Windows Azure (let’s call it V1)
This was based on Azure Service Management (ASM) and used the Azure portal as shown below. (This is now known as the Classic or Management Portal). The URL points to the legacy nature of this portal http://manage.windowsazure.com
The services available in this portal grew over time from a few to lots! This portal was designed to be used and accessed by Subscription administrators and co-owners. Everyone who had access to the portal had full admin rights over the objects. Which in most day to day usage is a severe disadvantage. In lower level management it meant that bulk actions became tricky and starting and stopping multiple Virtual Machines (VM) was also a problem.
This led to the introduction of a brave new world of Microsoft Azure (or v2) which was based around Azure resource management (ARM). This is represented to the world through the New Portal (which has had names such as Preview Portal, Ibiza Portal and now just the Azure Portal). The URL is now http://portal.azure.com as shown below.
This new portal opened the possibilities of full Role Based Access (RBAC) and was aimed at a subset of users of various levels of rights and permissions. It also introduced resource groups which are buckets that can contain multiple objects of multiple classes, so VM’s, Networks, etc. This allowed administrators to create a Resource Group and provide a whole environment for a number of users or developers to make use of. All the resources in that group can be started , stopped and deleted as one.
Each view of the portal is limited to one Azure Active Directory but the user can scroll through each Azure AD to which he has access. This new ARM model also allows for objects to be created using templates, in this instance Azure uses JSON templates 9java Script Object Notification). This allows for scripting and automating just about everything that Azure can do.
Due to the nature of the beast there is currently a need to use both Portals to have complete control of your Azure subscription, one of the most important features missing from the ARM portal was Azure Active Directory administration. As of 12/9/2016 this has now been put right. The preview is live.
Azure AD Team news
The blog post from the Azure AD team does an excellent job of outlining some of the features, so its not worth repeating here.
The interface is logical and works well for me, its easy to see many more things at a glance that you could in the classic portal.
Here you can see the steps to configure resetting passwords.
To me this is the coming of age of the new Portal and very soon I will have no need at all (other than top level subscription functions) to visit the http://manage.windowsazure.com site.
There is a quick video tutorial here
Your Azure AD Administration
My top tip is to add the Azure Active Directory administration tab to your permanent menu of items.
To do that from the main portal dashboard, click More Services and type Azure in the search box at the top – to the right of the Azure Active Directory PREVIEW is a star, click the star
The Azure Active Directory tab will then be pinned to the dashboard services list.
Over the next few months this will become the home of Azure AD administration, an excellent start with some seriously good features. I will be investigating further and reporting back!