Microsoft has released a preview of new group management capabilities for Windows Azure Active Directory (AD), further narrowing the features gap between the on-premise and cloud-based implementations of the company’s user-management technology platform.
“Admins can now add, delete and manage the membership of security groups directly in Windows Azure AD in the cloud,” Alex Simons, director of programme management for Microsoft Active Directory, wrote in a blog post. The preview, as expected, allows “directory administrators [to] create security groups they can use to manage access to applications and to resources, such as SharePoint sites”.
A “future release” of Windows Azure AD will include mail-enabled groups for Exchange, Simons wrote.
1. Create or delete new security groups in Windows Azure Active Directory, and manage membership in these groups. These groups can be used to control access to resources, such as a SharePoint site in Office 365.
2. See groups in your Windows Azure AD that were synchronised from your local Active Directory, or created in Office 365. The management of these groups remains in your local Active Directory or in Office 365; these groups can’t be updated in the Windows Azure Management Portal.
3. Assign access for a group to a software-as-a-service (SaaS) application if you’re using Windows Azure AD Premium.
The new Windows Azure AD management options offer visibility into groups sourced from local Active Directory deployments or Office 365, provided that directory synchronisation is configured.
As indicated by Staiman, local Active Directory management rights don’t transfer to Azure, meaning that administrators will be required to log in to their on-premise environments to make changes. Likewise, Office 365 distribution groups and mail-enabled security groups, while visible in Windows Azure AD, “must continue to be managed in the Exchange Admin Centre,” Staiman said.
Microsoft is streamlining cloud application user management with new Windows Azure AD Premium features. “One of the cool features of Windows Azure AD Premium is the ability to use groups to assign access to a SaaS application that’s integrated with Windows Azure AD,” Staiman said.
The time-saving option allows administrators to assign cloud apps to entire departments, for example, and automatically configure or revoke access to apps when employees transition into or out of groups. “This capability can be used with hundreds of applications that you can add from within the Windows Azure AD Application Gallery,” said Staiman.
Microsoft has more Windows Azure AD group management capabilities in the works. Staiman said his company is working on enabling “administrators to create and manage nested groups in the Windows Azure Management Portal” and let them “see and manage the groups in which a particular user is a member.” Finally, his team is working on ways to allow “end users to create and manage their own groups,” he added.
Do you know all about Microsoft Windows Phone? Take our quiz.
Originally published on eWeek.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…