Export (0) Print
Expand All
7 out of 9 rated this helpful - Rate this topic

Azure Active Directory Premium

Published: November 21, 2013

Updated: April 3, 2014

Applies To: Windows Azure

Built on top of a large set of free capabilities in Microsoft Azure Active Directory, Active Directory Premium provides a robust set of more advanced features to help empower enterprises with more demanding identity and access management needs. When you subscribe to Azure, you get your choice of the following free and paid editions of Azure AD:

  • Active Directory Free - With the Free edition of Azure AD you can manage user accounts, synchronize with on-premises directories, get single sign on across Azure, Office 365 and thousands of popular SaaS applications like Salesforce, Workday, Concur, DocuSign, Google Apps, Box, ServiceNow, Dropbox, and more.

  • Active Directory Premium - With the Premium edition of Azure AD you get all of the capabilities that Free has to offer, plus feature-rich Enterprise-level identity management capabilities explained below.

To sign up and start using Active Directory Premium today, see Getting started with Azure AD Premium.

Active Directory Premium edition is a paid offering of Azure AD and includes the following features:

  • Company branding – To make the end user experience even better, you can add your company logo and color schemes to your organization’s Sign In and Access Panel pages. Once you’ve added your logo, you also have the option to add localized versions of the logo for different languages and locales.

    For more information, see Add company branding to your Sign In and Access Panel pages.

  • Group-based application access – Use groups to provision users and assign user access in bulk to over 1200 SaaS applications. These groups can either be created solely in the cloud or you can leverage existing groups that have been synced in from your on-premises Active Directory.

    For more information, see Assign access for a group to a SaaS application.

  • Self-service password reset – Azure has always provided self-service password reset for directory administrators. With Azure AD Premium, you can now further reduce helpdesk calls whenever your users forget their password by giving all users in your directory the capability to reset their password using the same sign in experience they have for Office 365.

    For more information, see Self-service password reset for users.

  • Self-service group management - Azure AD Premium simplifies day-to-day administration of groups by enabling users to create groups, request access to other groups, delegate group ownership so others can approve requests and maintain their group’s memberships.

    For more information, see Enable self-service group management for users.

  • Advanced security reports and alerts – Monitor and protect access to your cloud applications by viewing detailed logs showing more advanced anomalies and inconsistent access pattern reports. Advanced reports are machine learning-based and can help you gain new insights to improve access security and respond to potential threats.

    For more information, see View your access and usage reports.

  • Multi-Factor Authentication - Multi-Factor Authentication is now included with Premium and can help you to secure access to Azure, Microsoft Online Services like Office 365 and Dynamics CRM Online, and over 1200 Non-MS Cloud services preintegrated with Azure AD. Simply enable Multi-Factor Authentication for Azure AD identities, and users will be prompted to set up additional verification the next time they sign in.

    For more information, see Adding Multi-Factor Authentication to Azure Active Directory.

  • Forefront Identity Manger (FIM) - Premium comes with the option to grant rights to use a FIM server (and CALs) in your on-premises network to support any combination of Hybrid Identity solutions. This is a great option if you have a variation of on-premises directories and databases that you want to sync directly to Azure AD. There is no limit on the number of FIM servers you can use, however, FIM CALs are granted based on the allocation of an Azure AD premium user license.

    For more information, see Deploy FIM 2010 R2.

  • Enterprise SLA of 99.9% - We guarantee at least 99.9% availability of the Azure Active Directory Premium service.

    For more information, see Active Directory Premium SLA

Azure AD Premium has more advanced capabilities to help streamline Enterprise-level administrative tasks and make an admins life easier. The following table describes common admin benefits and how signing up for Azure AD Premium helps to simplify them.

 

Admin Benefits Features Azure AD Free Azure AD Premium

Manage your cloud directory and how your accounts are synchronized

Directory as a service

       Checklist
Up to 500K objects

        Checklist
No object limit

Directory synchronization tool – For syncing between on-premises Active Directory and Azure AD

       Checklist

        Checklist

Forefront Identity Manager (FIM) server licenses – For syncing between on-premises databases and/or directories and Azure AD

        Checklist

High availability SLA uptime (99.9%)

        Checklist

Centrally administer accounts and control access to your applications

User and group management using UI or Windows PowerShell cmdlets

       Checklist

        Checklist

User-based application access management and provisioning

       Checklist

        Checklist

Access Panel portal for SSO-based user access to SaaS and custom applications

       Checklist
Up to 10 apps per user

        Checklist
No app limit

Group-based application access management and provisioning

        Checklist

Customization of company logo and colors to the Sign In and Access Panel pages

        Checklist

Empower your users & reduce support costs

Self-service change password for cloud users

       Checklist

        Checklist

Self-service group management for cloud users

        Checklist

Self-service reset password for cloud users

        Checklist

Monitor security and enforce additional verification methods to mitigate risks

Standard security reports

       Checklist

        Checklist

Advanced anomaly security reports (machine learning-based)

        Checklist

Advanced application usage reporting

        Checklist

Multi-Factor Authentication service for cloud users

        Checklist

Multi-Factor Authentication server for on-premises users

        Checklist

See Also

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.