Azure – AD Identity Protection

This feature looks to identify activity and assign it a risk level, providing risk detection and remediation.

All features look to be available in Azure AD Premium P2, with a restricted number of features in Azure AD Premium P1 and Basic/Free.

The key difference is the notification options, which are only in Azure AD Premium P2.

There are three default policies:

  1. User Risk
  2. Sign-In Risk
  3. MFA Registration

Example of the Identity Protection Policies

Reference How To Guides:

  1. How To: Configure the Azure Multi-Factor Authentication registration policy
  2. How To: Configure and enable risk policies
  3. How To: Identity protection configure notifications

Azure – Access Control and Role Assignment

This example shows how to assign a user or group a role to administer virtual machines in a resource group.

How-to steps:

Select “Resource Group” > IAM > Add > Select user or group and select a role – Ok

Azure – Register An Application in AD and Generate App Password

How-to guide: register an application in Azure AD and generate an app password.

In the Azure portal, browse to Azure Active Directory > App Registrations

New Registration

Enter Application details and account types

Next, click Certificates & Secrets > New client secret

Enter a description and expiry > Click Add

Make sure to copy the value. You can then sign in as the application with the App ID and the value.
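What "sign in as the application" looks like on the wire, as an added example that is not part of the original post: the OAuth 2.0 client-credentials request to the Microsoft identity platform token endpoint, using the App ID and the secret value. The environment variable names (AZ_TENANT_ID, AZ_CLIENT_ID, AZ_CLIENT_SECRET) and the Microsoft Graph scope are assumptions chosen for illustration.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request

# Microsoft identity platform v2.0 token endpoint (tenant-specific).
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"


def build_token_request(tenant_id, client_id, client_secret,
                        scope="https://graph.microsoft.com/.default"):
    """Build the client-credentials POST that signs in as the application."""
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,          # Application (client) ID
        "client_secret": client_secret,  # the copied secret value
        "scope": scope,                  # assumed target API: Microsoft Graph
    }).encode()
    url = TOKEN_URL.format(tenant=urllib.parse.quote(tenant_id, safe=""))
    return urllib.request.Request(url, data=form, method="POST")


def parse_token_response(body):
    """Return the access token, or raise with the error the endpoint reported."""
    doc = json.loads(body)
    if "access_token" not in doc:
        raise PermissionError(f"{doc.get('error')}: {doc.get('error_description')}")
    return doc["access_token"]


def sign_in_as_app():
    """Read credentials from the environment instead of hard-coding the secret.

    The variable names below are assumptions for this example.
    """
    req = build_token_request(os.environ["AZ_TENANT_ID"],
                              os.environ["AZ_CLIENT_ID"],
                              os.environ["AZ_CLIENT_SECRET"])
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return parse_token_response(resp.read())
    except urllib.error.HTTPError as err:  # error responses carry a JSON body
        return parse_token_response(err.read())


if __name__ == "__main__":
    token = sign_in_as_app()
    print("token acquired, length", len(token))  # never log the token itself
```

A wrong or expired secret surfaces as a PermissionError carrying the endpoint's error and error_description fields.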

Azure Conditional Access Policies – Greyed Out

Problem: Azure Conditional Access “+ New policy” is greyed out.

Reason: To use Azure Conditional Access policies, you require “Azure AD Premium”.

Solution: License and set up Azure AD Premium. You can set up Azure AD Premium on a 30-day trial before incurring additional costs.

Activate using the free 30-day trial option shown below.