Mastering Identity and Access Management with Microsoft Azure

上QQ阅读APP看书，第一时间看更新

Creating and managing users and groups

In the next steps, we connect to our Azure AD and generate the test users and groups.

Start the Azure AD PowerShell console and connect to Azure AD by executing the following cmdlets and scripts:

$msolcred = get-credential
# Enter your global administrator credentials
connect-msolservice -credential $msolcred
C:\Configuration\HRExports\HRImportToAAD.ps1

Alternatively, you can also use connect-msolservice directly to connect without the use of a variable.

After starting the script, go directly to https://portal.azure.com with your admin@domain.onmicrosoft.com credentials. Select the users' section under your Azure AD. You should find the users from the HireUsers.csv file under the All users tab:

Azure AD portal user management

Open https://portal.office.com | Admin | Active Users, and you can see your users with active licenses in Office 365:

Office 365 user management

Let's create three example groups to represent the company organization with the following script:

C:\Configuration\HRExports\AddOrgGroups.ps1

Now, you will see the created groups:

Azure AD group management

Test your configuration, open https://myapps.microsoft.com, and log in with the user Don.Hall@domain.onmicrosoft.com, and you should see Office 365 SharePoint, Outlook, and many applications in the access panel UI. Click Outlook, and you should be able to open the app without additional login information to access your mailbox:

User Inbox dialog

In the next steps, we provide an owner to our organizational groups.