{"id":98190,"date":"2024-11-26T16:12:33","date_gmt":"2024-11-26T10:42:33","guid":{"rendered":"https:\/\/www.whizlabs.com\/blog\/?p=98190"},"modified":"2025-03-26T16:22:09","modified_gmt":"2025-03-26T10:52:09","slug":"understanding-microsoft-entra-id-enhancing-security","status":"publish","type":"post","link":"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/","title":{"rendered":"What is Microsoft Entra ID and How It Enhances Security"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">In this blog post, we\u2019ll focus on Microsoft Entra ID, Microsoft\u2019s identity platform designed to manage user authentication and secure access to both cloud and on-premises resources. This includes how Microsoft Entra Connect integrates with existing on-premises Active Directory (AD), configuring Role-Based Access Control (RBAC) and as well as licensing management, which are the critical topics covered in the <\/span><a title=\"AZ-104 Microsoft Azure Administrator\" href=\"https:\/\/www.whizlabs.com\/microsoft-azure-certification-az-104\/\" target=\"_blank\" rel=\"noopener\"><b>AZ-104 Microsoft Azure Administrator<\/b><\/a><span style=\"font-weight: 400;\"> exam. This guide will help you in understanding the key concepts of Microsoft Entra ID and how they fit into the Azure Identity ecosystem.<\/span><\/p>\n<p>&nbsp;<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ea7e02;color:#ea7e02\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ea7e02;color:#ea7e02\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#What_is_Microsoft_Entra_ID\" >What is Microsoft Entra ID<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Key_Features_of_Microsoft_Entra_ID\" >Key Features of Microsoft Entra ID<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Who_uses_Microsoft_Entra_Id\" >Who uses Microsoft Entra Id ?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#How_Does_Microsoft_Entra_ID_Work\" >How Does Microsoft Entra ID Work?<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Typical_Use_Cases\" >Typical Use Cases<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Integration_of_On-Premises_Directories_using_Microsoft_Entra_Connect\" >Integration of On-Premises Directories using Microsoft Entra Connect<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Key_Features_of_Microsoft_Entra_Connect\" >Key Features of Microsoft Entra Connect:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Why_use_Microsoft_Entra_Connect\" >Why use Microsoft Entra Connect ?<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Microsoft_Entra_ID_Licenses\" >Microsoft Entra ID Licenses<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Types_of_Entra_ID_Licenses\" >Types of Entra ID Licenses<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Role-Based_Access_Control_RBAC_in_Microsoft_Entra_ID\" >Role-Based Access Control (RBAC) in Microsoft Entra ID<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Key_Features_of_RBAC\" >Key Features of RBAC<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Common_RBAC_Use_Cases\" >Common RBAC Use Cases<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.whizlabs.com\/blog\/understanding-microsoft-entra-id-enhancing-security\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"What_is_Microsoft_Entra_ID\"><\/span><b><br \/>\nWhat is Microsoft Entra ID<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Microsoft Entra ID, formerly known as Azure Active Directory (Azure AD) is an identity and access management (IAM) service operated in the cloud and owned by Microsoft. It focuses on managing authentication, authorization, and directory services for all of your applications, users and devices.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Organizations with the intention of transferring their identity management to the cloud will find Microsoft Entra ID useful. It ensures that employees, customers and partners are securely connected to the right applications and data by integrating on premises and cloud resources.<\/span><\/p>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-98194\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id.webp\" alt=\"what is microsoft entra id\" width=\"1536\" height=\"818\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-300x160.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-1024x545.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-768x409.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-150x80.webp 150w\" sizes=\"(max-width: 1536px) 100vw, 1536px\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Key_Features_of_Microsoft_Entra_ID\"><\/span><b>Key Features of Microsoft Entra ID<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-98195\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-id.webp\" alt=\"key features of microsoft entra id \" width=\"1536\" height=\"813\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-id.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-id-300x159.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-id-1024x542.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-id-768x407.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-id-150x79.webp 150w\" sizes=\"(max-width: 1536px) 100vw, 1536px\" \/><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><b>Single Sign-On (SSO)<\/b><span style=\"font-weight: 400;\">: Once users log in, they have access to multiple applications instantly which increases efficiency and decreases the number of password related problems.<\/span><\/li>\n<li><b>Multi-Factor Authentication (MFA)<\/b><span style=\"font-weight: 400;\">: Helps increase the strength of security by necessitating that users performing a log in process should provide something additional like a text message or app notifications apart from their password.<\/span><\/li>\n<li><b>Conditional Access<\/b><span style=\"font-weight: 400;\">: It provides the guidelines on when and how individual users or application resources can be accessed by taking into consideration the time, place, device used as well as the current level of risk<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li><b>Identity Protection<\/b><span style=\"font-weight: 400;\">: Applies policies that are risk based to identify and act to threats or any activities that seem to be extortion or impersonation.<\/span><\/li>\n<li><b>Self-Service Password Reset<\/b><span style=\"font-weight: 400;\">: Enables specific users to change their passwords without the hunt for IT assistance, thereby minimizing help desk activity and achieving more productivity.<\/span><\/li>\n<li><b>Directory Synchronization<\/b><span style=\"font-weight: 400;\">: Links local directories such as on-premises Active Directory and cloud computing to allow uniformity in identity management in both settings on the web<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Who_uses_Microsoft_Entra_Id\"><\/span><b>Who uses Microsoft Entra Id ?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><a title=\"Microsoft Entra ID\" href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/whatis\" target=\"_blank\" rel=\"nofollow noopener\"><b>Microsoft Entra ID<\/b><\/a> <span style=\"font-weight: 400;\">gives different benefits to the members in the organization based on their role:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>IT Admins<\/b><span style=\"font-weight: 400;\">: Entra Id can also be used by IT admins when the app\u2019s requirements are specific to the business needs for instance, as an IT Administrator a person has to be enabled with Multifactor Authentication for the purposes of resource access.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>App Developers<\/b><span style=\"font-weight: 400;\">: For app developers, Microsoft Entra ID has been included on the design to Development of applications that add single sign-on to an application without disagreement with the existing users\u2019 credentials<\/span><span style=\"font-weight: 400;\">.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Microsoft 365<\/b><span style=\"font-weight: 400;\">: Users subscribing to Office 365, Azure or Dynamic CRMs Online already deploy Microsoft Entra ID. The integrations you have developed are within our control and we are able to use them<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"How_Does_Microsoft_Entra_ID_Work\"><\/span><b>How Does Microsoft Entra ID Work?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Microsoft Entra ID operates as the centralized hub to handle managed identities. It helps the users to sign-in and control access to different services, no matter if they&#8217;re hosted on-site or in the cloud.<\/span><\/p>\n<p><b>Managing of Identities<\/b><span style=\"font-weight: 400;\">:<br \/>\nThis system includes capabilities of user, group, and gadget info tracking. What is even great is the fact that there are rules on what identities are able to enter, all done via the cloud. These identities are the keys to let users sign in and do stuff, depending on what they are allowed to do<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-98199\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/managing-of-identities.webp\" alt=\"managing of identities\" width=\"1536\" height=\"453\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/managing-of-identities.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/managing-of-identities-300x88.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/managing-of-identities-1024x302.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/managing-of-identities-768x227.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/managing-of-identities-150x44.webp 150w\" sizes=\"(max-width: 1536px) 100vw, 1536px\" \/><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Authentication:<\/b> <span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">There are quite several methods of signing in because Entra ID enables users to sign in using OAuth 2.0, OpenID Connect, or SAML. Thus, this allows them to take their login information and access what they need either via the cloud or otherwise in some computer in the establishment.<\/span><\/span><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Authorization:<\/b> <span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">As soon as users gain access, it is Entra ID that verifies what exactly they are permitted to do and what the contours of permissions are through utilization of roles and permissions.<\/span><\/span><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Access Management:<\/b> <span style=\"font-weight: 400;\">\u00a0All Entra ID does is manage access for Office 365, Salesforce, and legacy applications, as well as things that are not in the cloud<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Typical_Use_Cases\"><\/span><b>Typical Use Cases<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>User Authentication for SaaS Applications<\/b><span style=\"font-weight: 400;\">: Entra ID handles sign-in duties across various apps, including the ones made by others.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Mobile and Remote Worker Access<\/b><span style=\"font-weight: 400;\">: Entra ID ensures safe entry for users working from far away, what with its MFA and needs-based entry rules.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Guest User Collaboration<\/b><span style=\"font-weight: 400;\">: Entra ID makes it cool for companies to let outside peeps (like partners vendors) get their hands on company stuff .<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Integration_of_On-Premises_Directories_using_Microsoft_Entra_Connect\"><\/span><b>Integration of On-Premises Directories using Microsoft Entra Connect<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Organizations that operate in a hybrid environment where there are both onsite and offsite resources such as cloud based resources, would find Microsoft Entra Connect integration very vital, in that it makes it easier for the users and applications by integrating on premise Active Directory and Microsoft Entra ID<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Key_Features_of_Microsoft_Entra_Connect\"><\/span><b>Key Features of Microsoft Entra Connect:<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-98273\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-connect.webp\" alt=\"key features of microsoft entra connect\" width=\"1536\" height=\"699\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-connect.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-connect-300x137.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-connect-1024x466.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-connect-768x350.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-microsoft-entra-connect-150x68.webp 150w\" sizes=\"(max-width: 1536px) 100vw, 1536px\" \/><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Directory Synchronization:<\/b><span style=\"font-weight: 400;\"> Microsoft<\/span><span style=\"font-weight: 400;\">\u00a0Entra Connect interacts with user identity from an on-premise active directory as and Microsoft Entra <\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Hybrid Identity:<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><span style=\"font-weight: 400;\">Through this feature, users will be able to use SSO (single sign-on) to both on-premise and cloud applications which then makes it easy for the users to migrate to the cloud<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Password Hash Synchronization:<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><span style=\"font-weight: 400;\">This makes it such that users do not have to provide different passwords for on-premise primary AD and the Microsoft Entra<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Federation with Active Directory Federation Services (ADFS):<\/b><span style=\"font-weight: 400;\">\u00a0<\/span><span style=\"font-weight: 400;\">In case it is needed, Microsoft Entra Connect can work in conjunction with ADFS creating more options for organizations that maintain strict authentication policies<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Why_use_Microsoft_Entra_Connect\"><\/span><b>Why use Microsoft Entra Connect ?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">The use of Microsoft Entra Connect eliminates the hassle of managing two realms, since there is no need for a single user to have different identities in the on-premises infrastructure as well as in the cloud<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Microsoft_Entra_ID_Licenses\"><\/span><b>Microsoft Entra ID Licenses<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Microsoft Entra ID is capable of meeting different needs from various institutions. Licenses are thus determined by the required features and functionality.<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Types_of_Entra_ID_Licenses\"><\/span><b><br \/>\nTypes of Entra ID Licenses<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-98197\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/types-of-entra-id-licenses.webp\" alt=\"types of entra id licenses\" width=\"1536\" height=\"453\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/types-of-entra-id-licenses.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/types-of-entra-id-licenses-300x88.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/types-of-entra-id-licenses-1024x302.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/types-of-entra-id-licenses-768x227.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/types-of-entra-id-licenses-150x44.webp 150w\" sizes=\"(max-width: 1536px) 100vw, 1536px\" \/><\/p>\n<h4><b><br \/>\n<\/b><strong>1. Microsoft Entra ID Free:<\/strong><\/h4>\n<ul>\n<li><span style=\"font-weight: 400;\">Presents an alternative for small institutions or for those in search of the basic IAM capabilities.\u00a0<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">It enables cloud users to perform basic actions like user and group management, basic reports, on-premises directory synchronization, self-service password change.<\/span><\/span><\/span><\/span><\/li>\n<\/ul>\n<h4><b>2. Microsoft Entra ID P1:<\/b><\/h4>\n<ul>\n<li><span style=\"font-weight: 400;\">Includes all free features, P1 also lets you hybrid user access with on-premises and cloud resources.<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">It also supports advanced administration such as dynamic group membership group, self-service group management.<\/span><\/span><\/span><\/span><\/li>\n<\/ul>\n<h4><b>3. Microsoft Entra ID P2:<\/b><\/h4>\n<ul>\n<li>Includes all the features of P2, plus additional functionalities like Identity Protection, Privileged Identity Management.<\/li>\n<li>This license aims to provide complex security and identity management for enterprises.<\/li>\n<\/ul>\n<p><b>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 <\/b><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Role-Based_Access_Control_RBAC_in_Microsoft_Entra_ID\"><\/span><b>Role-Based Access Control (RBAC) in Microsoft Entra ID<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">In Microsoft Entra Id, Role-based access control (RBAC) allows for the assignment of access control based on the user&#8217;s role in a work environment. This makes it brief who has access to what information that pertains to their work increasing security and opportunities of a person bearing ill intentions getting access to their work functions decreasing emerging risks<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Key_Features_of_RBAC\"><\/span><b>Key Features of RBAC<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-98198\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-rbac.webp\" alt=\"key features of rbac\" width=\"1536\" height=\"699\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-rbac.webp 1536w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-rbac-300x137.webp 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-rbac-1024x466.webp 1024w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-rbac-768x350.webp 768w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/key-features-of-rbac-150x68.webp 150w\" sizes=\"(max-width: 1536px) 100vw, 1536px\" \/><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Predefined Roles<\/b><span style=\"font-size: 16px; font-weight: 400;\">: Entra ID comes with a set of built in roles like Global Administrator, User Administrator and Security Reader and others.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Custom Roles<\/b><span style=\"font-size: 16px; font-weight: 400;\">: <\/span><span style=\"font-size: 16px; font-weight: 400;\">For organizational needs, administrators can design roles that are unique and outside the predefined roles with a set of permissions.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Granular Permissions<\/b><span style=\"font-size: 16px; font-weight: 400;\">: <\/span><span style=\"font-size: 16px; font-weight: 400;\"><span style=\"font-size: 16px; font-weight: 400;\">Through RBAC, administrators do not have to worry about misuse of access resources because even users or groups have limited resources.<\/span><\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Delegated access<\/b><span style=\"font-weight: 400;\">: We can share the role of accounts administration but the account control does not have to be total<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Common_RBAC_Use_Cases\"><\/span><b><br \/>\nCommon RBAC Use Cases<br \/>\n<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><b>Assigning Admin Roles<\/b><span style=\"font-weight: 400;\">:<br \/>\nFor instance with Global Administrator, a person can use Microsoft Entra ID to control all its aspects. However, with User Administrator restricted to all user accounts and passwords.<br \/>\n<\/span><\/p>\n<p><b>Limiting Access to Applications<\/b><span style=\"font-weight: 400;\">:<br \/>\nBased on RBAC design, applications will have access restriction based on the user role thus preventing unauthorized users.<\/span><\/p>\n<p><b>Resource Management<\/b><span style=\"font-weight: 400;\">:<br \/>\nRBAC may also assist with controlling access to cloud assets in such a way that the users have the required level of rights and permissions to manage applications.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span><b>Conclusion<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Microsoft Entra ID is not just the cloud version of the Active Directory; it enhances the management of the resources on the premises as well as the cloud infrastructure. It assists in the security of the cloud resources, the management of identities, and the facilitation of collaboration. With <\/span><a title=\"Hands-on labs\" href=\"https:\/\/www.whizlabs.com\/labs\/library\/\" target=\"_blank\" rel=\"noopener\"><b>Hands-on labs<\/b><\/a> <span style=\"font-weight: 400;\">and <\/span><a title=\"Azure Sandbox\" href=\"https:\/\/www.whizlabs.com\/azure-sandbox\/\" target=\"_blank\" rel=\"noopener\"><b>Azure Sandbox<\/b><\/a><span style=\"font-weight: 400;\">, we are able to engage in creating users, groups at the Entra level<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this blog post, we\u2019ll focus on Microsoft Entra ID, Microsoft\u2019s identity platform designed to manage user authentication and secure access to both cloud and on-premises resources. This includes how Microsoft Entra Connect integrates with existing on-premises Active Directory (AD), configuring Role-Based Access Control (RBAC) and as well as licensing management, which are the critical topics covered in the AZ-104 Microsoft Azure Administrator exam. This guide will help you in understanding the key concepts of Microsoft Entra ID and how they fit into the Azure Identity ecosystem. &nbsp; What is Microsoft Entra ID Microsoft Entra ID, formerly known as Azure [&hellip;]<\/p>\n","protected":false},"author":436,"featured_media":98192,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[4828],"tags":[5034,3260,3291],"class_list":["post-98190","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-365","tag-az-104","tag-azure-az-104-microsoft-azure-administrator","tag-microsoft-azure-administrator"],"uagb_featured_image_src":{"full":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security.webp",1536,864,false],"thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-150x150.webp",150,150,true],"medium":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-300x169.webp",300,169,true],"medium_large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-768x432.webp",768,432,true],"large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-1024x576.webp",1024,576,true],"1536x1536":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security.webp",1536,864,false],"2048x2048":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security.webp",1536,864,false],"profile_24":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-24x24.webp",24,24,true],"profile_48":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-48x48.webp",48,48,true],"profile_96":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-96x96.webp",96,96,true],"profile_150":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-150x150.webp",150,150,true],"profile_300":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-300x300.webp",300,300,true],"tptn_thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-250x250.webp",250,250,true],"web-stories-poster-portrait":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-640x853.webp",640,853,true],"web-stories-publisher-logo":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-96x96.webp",96,96,true],"web-stories-thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2024\/11\/what-is-microsoft-entra-id-and-how-it-enhances-security-150x84.webp",150,84,true]},"uagb_author_info":{"display_name":"Swetha Selvakumar","author_link":"https:\/\/www.whizlabs.com\/blog\/author\/swetha-selvakumar\/"},"uagb_comment_info":81,"uagb_excerpt":"In this blog post, we\u2019ll focus on Microsoft Entra ID, Microsoft\u2019s identity platform designed to manage user authentication and secure access to both cloud and on-premises resources. This includes how Microsoft Entra Connect integrates with existing on-premises Active Directory (AD), configuring Role-Based Access Control (RBAC) and as well as licensing management, which are the critical&hellip;","_links":{"self":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/98190","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/users\/436"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/comments?post=98190"}],"version-history":[{"count":28,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/98190\/revisions"}],"predecessor-version":[{"id":98274,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/98190\/revisions\/98274"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media\/98192"}],"wp:attachment":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media?parent=98190"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/categories?post=98190"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/tags?post=98190"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}