Читать книгу MCA Microsoft 365 Teams Administrator Study Guide - Ben Lee - Страница 47

This is available at aad.portal.azure.com (see Figure 1.9). You might wonder why you need to be aware of the Azure admin center to manage Teams, because Azure is not strictly part of the O365 suites. Behind each O365 tenant is an Azure Active Directory (AAD). This acts as the identity management platform storing user accounts, groups, and other security/identity information needed to support the other Microsoft cloud-based products. Think of it in much the same way that the “traditional” Microsoft on-premises server products required Active Directory (AD) to operate.

The user data stored in Azure AD can be synchronized from an on-premises AD environment or it can operate in a stand-alone mode. It can have the following types of identities:

 Cloud identity: Accounts that only exist in AAD.

 Synchronized identity: Accounts that are synchronized from an on-premises AD along with their password information.

 Federated identity: Synchronized from an on-premises AD but without a password. When an account needs to be authenticated this is done through some form of a federation gateway that checks the provided password against the one stored in the on-premises AD, for example using Active Directory Federation Services (ADFS).

FIGURE 1.9 AAD admin center

While the Microsoft 365 admin center lets you perform some basic user management tasks such as updating user information, the Azure Active Directory admin center lets you view and control any settings relating to your user accounts, security groups, permissions, and, most importantly for Teams, control over guest user accounts.

We will cover guest access and what controls are required via AAD in Chapter 3, “Teams Core Functionality,” but for now just be aware that this portal exists and that it plays an important role in managing access to your Teams environment.