Windows Azure Active Directory Preparation

Applies to: Office 365 Deployment Guide for Enterprises

Topic Last Modified: 2013-04-08

After you’ve planned how you’re going to integrate your on-premises directory with Windows Azure Active Directory, the preparation tasks include cleaning up your internal directory, deploying identity provisioning tools, deploying a federation infrastructure, and so on. Some of these tasks are specific to using Windows Azure AD with Office 365. Some of the tasks are general Windows Azure AD tasks.

We’ll cover the Office 365-specific tasks in the deployment guide, and then refer you to the Windows Azure AD TechNet articles. They provide conceptual and procedural specifics about the Windows Azure AD tool set.

Regardless of which account management, identity provisioning, and sign-on process you decide to use, a smooth Office 365 deployment depends on a thorough understanding of how identities appear to clients as a result of those choices. This experience is primarily driven by the account management choices you make. If your end users are managed manually through Windows PowerShell or the Office 365 portal, less emphasis is given to the internal directory cleanup. If your end users are managed in an on-premises directory and are synchronized with Office 365, you need to do a more detailed review of the on-premises account values. This review helps ensure that the experience is consistent and the synchronization tools function correctly.

We’ll walk you through the planning steps that are required to implement any of these strategies, including the following:

• Account management: Including account creation, license activation, and password policies
  
• Directory synchronization: Including directory cleanup and Windows Azure Active Directory Sync tool installation
  
• Single sign-on (SSO): Including an effect on accounts and passwords, use of custom links for clients, and SSO installation