CHAPTER 1 - Managing Azure AD Objects

Question 1

Structure

結構

Answer 1

1. Bulk user creation (批量用戶創建)
2. User creation (用戶創建)
3. Group creation (群組創建)
4. Group management (群組管理)
5. Guest user management (訪客用戶管理)
6. Self-service password reset (自助服務密碼重置)
7. Azure AD Join (Azure AD 加入)

Question 2

Bulk user creation

批量用戶創建

Answer 2

Bulk user creation will help your organization in the onboarding process to be completed soon and other prospects to improve the user creation, which has been joined your organization or existing users’ creation in Azure.

批量用戶創建將幫助你的組織在即將完成的入職過程中和其他潛在客戶改進已加入你的組織或現有用戶在 Azure 中創建的用戶創建。

1. Go to Azure Active Directory.
2. Select the Users and click on All users.
3. Click on Bulk Create.

Question 3

User Creation

用戶創建

Answer 3

1. Go to Azure Active Directory
2. Select the Users and click on All users.
3. Click on the New user.
4. Enter the User name.
5. Provide the Name, First name, and Last name.
6. You can also provide the department number, location, and Job title.
7. Once you provide all the preceding details, click on Create and your users will be created.

Question 4

Group creation

群組創建

Answer 4

1. Click on the Azure AD.
2. Select the groups from the Manage tab.
3. Select All groups.
4. Click on the New group.

Question 5

Group type: Security

Answer 5

It helps to manage users and computer access to shared resources for a specific group.

它有助於管理用戶和計算機對特定組共享資源的訪問。

Question 6

Group type: O365

Answer 6

Using this group, we can provide access to users for a shared mailbox, calendar, files, SharePoint site, and so on.

使用此群組，我們可以為用戶提供共享郵箱、日曆、文件、SharePoint 網站等的訪問權限。

Question 7

Membership Type - Assigned

Answer 7

The administrator will add specific users to the group.

管理員會將特定用戶添加到組中。

Question 8

Membership Type - Dynamic user

Answer 8

It allows users to use dynamic

membership rules and add automatically to the group.

它允許用戶使用動態

成員規則並自動添加到組中。

Question 9

Dynamic Device

Answer 9

It uses the dynamic group rules to add and remove the devices automatically.

它使用動態群組規則自動添加和刪除設備。

Question 10

Group Management

群組管理

Answer 10

1. Once the group is created, you can click on the group and see the properties of the group like membership type, source ID, and so on.
2. Based on the requirements, users can change the group.
3. Click on the Members tab and add the new members.
4. Please click on the Owners tab and add the multiple owners.
5. You can assign the application and see the Azure resources which have been accessed by these group members.
6. You can see the application accessed by this group and manage it.
7. 創建群組後，您可以單擊該組並查看該組的屬性，例如成員資格類型、源 ID 等。
8. 根據需求，用戶可以更改群組。
9. 單擊“成員”選項卡並添加新成員。
10. 請單擊“所有者”選項卡並添加多個所有者。
11. 您可以分配應用程序並查看這些群組成員訪問過的 Azure 資源。
12. 您可以查看該群組訪問的應用程序並對其進行管理。

Question 11

Guest user management

訪客用戶管理

Answer 11

Azure Ad supports the Business to Customer (B2C) and Business to Business (B2B) users where we can allow customers to have access to our Azure AD.

Azure Ad 支持企業對客戶 (B2C) 和企業對企業 (B2B) 用戶，我們可以允許客戶訪問我們的 Azure AD。

1. Go to Azure AD and click on All users.
2. In the right pane, click on New guest user.
3. Select the Invite user.

Provide the name and email ID of the user you want to invite.

提供您要邀請的用戶的姓名和電子郵件 ID。

4. The rest of the fields are optional. You can then click on Invite.

其餘字段是可選的，然後您可以單擊邀請。

Question 12

Self-service password reset(1)

自助服務密碼重置

Answer 12

Azure self-service password reset will help users to reset their password without the help of a help desk administrator. If the user account is locked or if the password expires, the user can unlock/reset the password using a self-service password reset.

Azure 自助密碼重置將幫助用戶在沒有幫助台管理員幫助的情況下重置密碼。如果用戶帳戶被鎖定或密碼過期，用戶可以使用自助密碼重置來解鎖/重置密碼。

1. Please go to your Azure AD.
2. Click on the Password reset tab.
3. Select the users, either All or the selected one. If you click on selected users, it will ask you to choose the group name.
4. Once you are done with this, please click on the Save button.

Question 13

Self-service password reset(2)

自助服務密碼重置

Answer 13

Please select the authentication method as 1 or 2 as per the following methods:

請根據以下方法選擇身份驗證方法為 1 或 2：

1. Mobile app code
2. Email
3. Phone -SMS only
4. Mobile app notification
5. Office phone
6. Security question

Question 14

Self-service password reset(3)

自助服務密碼重置

Answer 14

Once you configure this, you can go to https://passwordreset.microsoftonline.com to reset the password.

1. Please provide your user ID.
2. Enter the characters as per the image and click on the next.
3. Now, you will be able to reset the password.

Question 15

Azure AD join

Answer 15

Azure AD join provides the feature to register your mobile, laptop, and other devices to Azure AD with respect to the size of the device or industry. Azure Ad join works in hybrid environments as well. It enables access to both cloud and on-premises apps.

Azure AD 加入提供了根據設備或行業的規模將你的移動設備、筆記本電腦和其他設備註冊到 Azure AD 的功能。 Azure Ad join 也適用於混合環境。它支持訪問云和本地應用程序。

Question 16

Azure AD join scenarios

Answer 16

1. Windows deployment for your owned devices.
2. Access to organizational apps and resources from your device.
3. Cloud-based management of owned devices.
4. To configure the user sign in to their devices with Azure AD or synced Azure AD work or school accounts.
5. 您擁有的設備的 Windows 部署。
6. 從您的設備訪問組織應用程序和資源。
7. 對自有設備進行基於雲的管理。
8. 配置用戶使用 Azure AD 或同步的 Azure AD 工作或學校帳戶登錄其設備。