Microsoft Entra ID Terminology Flashcards
To get familiar with common Terminology associated with Microsoft Entra ID
A thing that can get authenticated. can be a user with a username and password. Can also include applications or other servers that might require authentication through secret keys or certificates.
Identity
identity that has data associated with it. You can’t have a ________ without this
Account
An identity created through Microsoft Entra ID or another Microsoft cloud service, such as Microsoft 365. Identities are stored in Microsoft Entra ID and accessible to your organization’s cloud service subscriptions. This account is also sometimes called a Work or school account.
Microsoft Entra account
This classic subscription administrator role is conceptually the billing owner of a subscription. This role enables you to manage all subscriptions in an account.
Account Administrator
This classic subscription administrator role enables you to manage all Azure resources, including access. This role has the equivalent access of a user who is assigned the Owner role at the subscription scope
Service Administrator
This role helps you manage all Azure resources, including access. This role is built on a newer authorization system called Azure role-based access control (Azure RBAC) that provides fine-grained access management to Azure resources
Owner
This administrator role is automatically assigned to whomever created the Microsoft Entra tenant. You can have multiple Global Administrators, but only Global Administrators can assign administrator roles (including assigning other Global Administrators) to users
Microsoft Entra Global Administrator
Used to pay for Azure cloud services. You can have many _______ and they’re linked to a credit card.
Azure subscription
A dedicated and trusted instance of Microsoft Entra ID. The _______ is automatically created when your organization signs up for a Microsoft cloud service subscription. These subscriptions include Microsoft Azure, Microsoft Intune, or Microsoft 365. This _________ represents a single organization and is intended for managing your employees, business apps, and other internal resources. For this reason, it’s considered a workforce tenant configuration. By contrast, you can create a tenant in an external configuration, which is used in customer identity and access management (CIAM) solutions for your consumer-facing apps
Tenant
Azure tenants that access other services in a dedicated environment are considered ______ tenant.
Single tenant
Azure tenants that access other services in a shared environment, across multiple organizations, are considered ______.
Multitenant
Each Azure tenant has a dedicated and trusted __________. The _________ includes the tenant’s users, groups, and apps and is used to perform identity and access management functions for tenant resources.
Microsoft Entra directory
Every new Microsoft Entra directory comes with an initial domain name, for example domainname.onmicrosoft.com. In addition to that initial name, you can also add your organization’s domain names. Your organization’s domain names include the names you use to do business and your users use to access your organization’s resources, to the list. Adding custom domain names helps you to create user names that are familiar to your users, such as alain@contoso.com.
Custom domain
Personal accounts that provide access to your consumer-oriented Microsoft products and cloud services. These products and services include Outlook, OneDrive, Xbox LIVE, or Microsoft 365. Your Microsoft account is created and stored in the Microsoft consumer identity account system that’s run by Microsoft.
Microsoft account (also called, MSA)
