By now, most experienced IT professionals and businesses should know Office 365. However, there’s a lot of Microsoft branding confusion between Azure AD support and Microsoft 365 that I will try to clarify in this post. Let’s start with the basics of Office 365 and what features comes with it.
- Need a more basic introduction to Intune offered in Microsoft 365?
- We provide more context to why MDM security AKA Intune is more important than every with the work from anywhere revolution happening now. Follow this link for guiding you through the initial steps of Windows 10 setup, joining Azure Active Directory, and integrating Intune as the final piece of the puzzle.
- Azure Active Directory is nothing more than an identity service but it is critical piece for getting Intune going. The identity service provides single sign using OAUTH2 or SAML. Your organization has the ability to join Azure AD with Office 365. The Intune post above elaborates more on this point.
IMPORTANT FACTS TO KNOW. If your organization has a paid subscription to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, you have a free subscription to Microsoft Azure Active Directory. You and other admins can use Azure AD to create and manage user and group accounts. To use Azure AD, just go to the Azure portal and sign in using your Office 365 account.
Azure AD Resources:
Setup Office 365 Business Premium. Selecting this option allows you to install Business Premium AKA desktop office suite on your computer or others computer within your organization. This is the most common setup in an office environment.
- Add New Users – Office 365 vs Azure AD
- Is it best practice to create users through Azure AD interface over office 365 admin interface?
- Yes, not exactly is it a case of best practice. The choice is dependent on your organization requirement, creating users through Azure AD for office 365 or Creating the users from Azure Portal directly are both possible. The better question to ask is will I be managing a traditional IT environment and a Office 365 environment. Keep reading…
- I need both AD authentication setup and a mailbox through office 365?
- Authentication models depend if you have or don’t have an existing Active Directory environment on-premises, you have several options to manage authentication and identity services for your users with Office 365.
This is a nice advertise for Microsoft but what is the ideal network workflow for a business?
Ideally, most small business should opt for Microsoft 365 suite of products that include the following if no legacy on-site server infrastructure is a part of the equation but we do not live in an ideal world. There’s a lot of legacy network systems that still requires traditional Active Directory components of LDAP. Read the ” Components of the Microsoft 365 solution” here. Not the 80% of businesses above ten users that neeed all that? Continue on below.
- A combination of Office 365 products
- Office 365 Business Premium
- Office 365 Business Essentials
- Enterprise Mobility + Security E3 AKA E3. E3 comes with the following features (300 users plus package but some smaller environments may use the package for it’s HIPAA and data loss prevention features)
- Cloud App Security Discovery
- Azure Information Protection Plan 1
- Microsoft Intune A direct
- Azure Rights Management
- Azure Active Directory Premium 1
- Microsoft Azure Multi-Factor Authentication
A business of 10 users should be averaging around $100mo for utilizing the E3 services. That’s a separate Microsoft 365 subscription cost from the E3 services. You can also choose alternative Enterprise Mobility Services like E1/E3/E5. EMS Pricing
Microsoft’s traditional solution is typically an on-site or on-premises domain controller utilizing traditional Active Directory Services. Microsoft’s modern cloud-based solution for managing IT devices is called Microsoft 365 but most people called Azure AD
Acronyms and phrases – Azure AD support and Microsoft 365 Breakdown
- Azure AD is a feature of Microsoft umbrella solution called Microsoft 365
- EMS – Enterprise Mobility Suite
- MDM Management is done by Intune
- Traditional Active Directory vs Modern Windows 10 Management
- Microsoft Intune
- Configuration Management in Azure AD
More on Azure AD
Azure AD is *not* a domain. Azure AD is fundamentally different than a domain environment.
Azure AD accounts use the firstname.lastname@example.org naming format. But it should not be mistaken as an email address. A user *may* have the same email, but it isn’t necessary. If you create an Azure AD tenant, and create an Azure AD user in the portal, that account can be used to log into a windows 10 that is joined to the same Azure AD tenant using the email@example.com account format even if no email is associated with that account.
With that said, no there are no other formats (such as the old-school NetBIOS\username format of old) that works. In Azure AD, it will always be firstname.lastname@example.org
Windows 10 Management
This was traditionally called Group Policy Management when you managed computers in a local hosted domain controller environment. Here are the modern Windows 10 management strategies, using Configuration Manager and Microsoft Intune
Where to go from here?
Maybe you have to purchase some additional Microsoft 365 products. Here’s a quick glance of how subscriptions look under Microsoft 365. Basically, we have the user name, email address, and the subscription type that can include one or subscriptions for each user. It’s highly advisable your team prunes down the licenses to save on costs. It’s safe to say you may want a resource for not only doing that but adding users to Azure AD and or Office 365. Don’t worry, we have more Azure AD support and Microsoft 365 answers here.
Azure AD support and Microsoft 365 Branding Breakdown Summary
Hosted O365 Resources:
Exchange or Mail Locally Hosted On-Site Resources:
Hosted or Local Hosted Links:
Follow the link for further details and documentations: