First of all, lets summarize what just happened
- Azure Active Directory Application Proxy just went into General Availability
- Azure Active Directory Premium is now available for all Office 365 customers either in Direct or through MOSP
- Azure Active Directory received four enhancements.
- Administrative Units – Public Preview
- New SSO capabilities for SaaS apps – Public Preview
- Password writeback enters General Availability
- Security questions for Self-Service Password Reset – Public Preview
Read the official blog post here
Azure Active Directory Application Proxy (AADAP)
Recently I blogged about this topic, read more here. Basically what AADAP does it to create a proxy application in the cloud that allows you to connect to your internal on-premises application in a secure matter. This is a great tool if we don’t have a publication platform on-premises today.
Azure Active Directory Premium in Direct/MOSP for Office 365
We now have Azure AD Premium available for direct online purchase, using a credit card, in the Office 365 admin portal (you do not need to be an existing Office 365 customer to buy). This opens a new world of features for the SMB market!
Azure Active Directory – Administrative Units
We can now delegate administrative access to Azure AD. In this release it’s only available through PowerShell. The consept is that we can for instanve have Global Admins as before, but we can now also have Regional Admins. Within their region they can manage users, devices, applications and policies.
Azure Active Directory – Custom additon of SaaS applications
If we search for an SaaS application, and it’s not available, we can add the application as a unlisted app, and then configure SSO as we like.
Azure Active Directory – Password writeback enters GA
This isn’t something new, but it’s released into GA. This means that we can use this in production with good confidence. Note that this feature require Azure AD Premium.
Azure Active Directory Password Reset – Security Questions
We have now the posibility to add security questions as one of the authentication methods when users need to change their password. The value of this is that the user don’t need ther phone or alternative email address available when resetting.