Tuesday, January 12, 2021

A fresh new user in Azure Active Directory

 Another of our top 3 is Azure Active Directory.  Active Directory is an authorization and authentication store.  It is where we can create users and assign them passwords.  Passwords are one form of authentication, we will get to play with a few more since we are the owners of this Active Directory (AD) instance.

Start in the portal and click on the hamburger in the top left (the stack of short lines) and then on <all resources>

You should see a list of the resources we have created thus far
We only get one Active Directory and we haven't created one yet.  They don't create it for you because it uses resources and the initial data you populate is foundational and really hard to change after it is created.  No pressure or anything, you can always remove it and re-create it.  Click on <+add>
Type active directory in the search bar and click on <azure active directory>
Click on <create>

Type in your Organization name, the Initial domain name, and click <create>
Once your new tenant has been created, click on <click here to manage your new tenant>
You will then be forced to log back in.  Notice the URL that you are redirected to
For me, the URL starts with :
https://login.microsoftonline.com/mynewsecretproject.onmicrosoft.com/oauth2/v2.0/authorize
Notice that the part in italics above is the same thing we had for our Initial domain name.  Active Directory controls authorization and authentication for a domain.  Before we were all cloudy, enterprises and small businesses would have Domain Controllers which ran AD.  Microsoft is hosting our domain within it's own tenant and we are about to log into it!  Exciting!
To log in, just click on your email address
You are already authenticated to the Azure Portal and your token or authentication receipt has not expired yet.
There is a ton of stuff to explore here, but for now let's dive right in a create a user by clicking on <users> in the left menu
First, note that there is currently only one user in the Domain, you.  Now click on <+ new user>

Type in your fake user's User name, Name, First name, and Last name and scroll down

Click on the radio button beside Let me create the password and enter your password.  Then choose the Usage Location and scroll down to the bottom of the page

Then click Create
Now your user shows up in the list of users!  



We aren't doing anything with it yet, but that user will come in handy later.  Make sure to remember your password!