I planning for Power BI Implementation for one of the customers (With 800 Users), they do not have azure subscription nor Azure AD! How shall I get it started? Do I need to ask the customer to Subscribe to Azure? Will the free-tier of Azure AD work? What all the pre-requisites, Please help me
Azure active directory subscription comes for free if you have a paid azure, office 365 , Dynamics CRM subscriptions. You can go register for it and use it.
If the company already uses office 365 then it is quite easy to integrate with powerbi apps.
If azure active directory is the option you can add users or sync local AD users and integrate with Powerbi. You can also setup ADFS for a single sign-on option.
https://powerbi.microsoft.com/en-us/blog/azure-active-directory-and-power-bi/
https://technet.microsoft.com/en-us/library/dn832618.aspx
Related
I currently have an Office 365 tenant with around 1,400 users all licensed. We have enabled the Azure AD tenant with the same account and are now using Azure AD Dirsync to have same sign-on to Office 365.
We are now having an external Sharepoint site developed and have been offered either ADFS or Azure AD ACS as an authentication method. As we've already got an Azure AD subscription (through Office 365) I thought this would be the easiest method. However, when in my tenant on https://manage.windowsazure.com, I have access to Active Directory, can add a new directory but cannot add a new Access Control service. It's greyed out and says "not available" underneath.
I've tried talking to Office 365 support, who referred me to Azure support, who then said we don't have support so can't help. I've spoken to Azure sales and they've referred me to Azure support, who then guess what, said we don't have support.
Has anyone else managed to implement an Azure Access Control service from an Office 365 tenancy using the free Azure Active Directory subscription? I get the feeling I just need to buy a cheap Azure subscription and the option would become available, but without knowing for sure I'm a bit hesitant about taking the plunge.
Thanks.
I can imagine that you cannot use the free Azure subscription for this purpose because using the Access Control Service brings costs. The free subscription is not tied to any creditcard. When you have e.g. a pay-as-you-go subscription you should be able to create a ACS namespace. I just tried in one of my pay-as-you-go subscriptions.
You are (still) able to create a namespace but I suggest you to also take a look into the identity possibilities Azure AD itself has. Azure AD has currently only support for SAML 2.0 (and a lot of other protocols but they are not directly relevant for SharePoint). I know SharePoint (on-premises) only talks SAML 1.1 so that's where ACS comes in. You can read more about this topic here. Azure AD itself is going to support SAML 1.1. The only question is when. (see one of the comments from the source mentioned below this answer)
I also would make one remark about Azure AD ACS because this is going to be replaced by Azure AD. The only question left is when.
ACS Capabilities in Azure AD
As we've mentioned previously, we are adding ACS-like capabilities into Azure AD. In the coming months, as part of a feature preview Azure AD administrators will be able to add federation with social identity providers, and later custom identity providers to Azure AD. This will allow app developers to use Azure AD to simplify the identity implementation in their apps, similar to how developers use ACS today. We look forward to getting your feedback on the preview to improve these experiences.
Migrating ACS Customers to Azure AD
Once these new ACS capabilities of Azure AD are out of preview and generally available, we will start migrating ACS namespaces to use the new Azure AD capabilities.
Source: The future of Azure ACS is Azure Active Directory
Quick solution:
Create an Azure paid account. Add the administrator user of the paid account in the Office 365 directory, and set it as global administrator of this later directory (you can add users from other directories).
Then switch back to the paid account. The new global administrator will be able to manage the Office 365 directory and add a namespace.
I understand that Office 365 is on separate domain and live id (Microsoft account) is used for consumer applications.
But can an Office 365 account get live/Microsoft services?
The issue is we trying to SSO Office 365 applications and Azure ML (used with Microsoft account) but as the domains are different I am unable to find any proper help or process on the web.
We can create a live account with our company domain but can we create a federation on Live account ? For e.g. on Office 365 we created a #.com federation and were able to SSO it, how can we do the same with a live account ?
According to the Azure ML pricing page the free tier is standalone, requiring a Live ID. The Standard tier is associated with your Azure subscription, so you use your org IDs.
I’m currently testing the Microsoft Azure and SharePoint 2013 ability.
In our office, we have an Office 365 account, and I have created a Azure 30-days trial subscription. I have connected those two, so our Office 365 users are visible in Azure AD.
We need to install a virtual server with SharePoint installed on it, with access to a SQL server in Azure as well.
Is it possible to use the Azure AD as authentication for SharePoint users?
If possible, we would like to avoid installing an On-premises AD in Azure. We simply need the authentication for our SharePoint users, so we can keep everything in the cloud, without Site to site VPN to our in house AD.
I am aware, that the virtual machine in Azure with Sharepoint on it, will run in a Workgroup, but I have a hard time figuring out, how I can access the Azure AD to lookup users. I don’t know if this is possible.
Best regards
Christian
I have a new Office 365 Small Business subscription and am wondering how best to synchronize contacts with a custom in-house database application.
I have found material explaining how to access the underlying technology, Azure Active Directory with the a library called the Azure Active Directory Graph Client Library.
However, to my knowledge I don't have an Azure Management Portal for the Azure technologies underlying Office 365, and that's where I would normally register my application for API access according to those tutorials.
So, if I want to access the Azure Active Directory in my Office365 account with the Azure Active Directory Graph Client Library, where do I register the application, get my key - and to which host do I connect to?
Office 365 uses Azure Active Directory as identity management, so it is already there. To access Windows Azure portal for your existing Office 365 subscriptions all you need is to activate a free Windows Azure subscription on your existing account .
This blog Using your Office 365 Azure AD tenant with application access enhancements for Windows Azure AD gives a very detailed steps on how to do it.
I have a portal through which I resell different vendor's software licenses. I have a question on Office 365 provisioning and selling user licenses to my clients.
My requirement is as follows:
User should be able to log in through my portal and create their Office 365 user account and choose plans as per their need
Through Single sign on (SSO) activity, I need to get the SSO Url, so Office 365 users already logged in to my portal do not require to log in again to their Office 365 account again
Users can update, cancel their Office 365 user accounts through my portal
I have researched on internet regarding Office 365 provisioning and found following ways to integrate Office 365 client application in my portal
Using ‘https://provisioningapi.microsoftonline.com/ProvisioningWebService.svc?wsdl’ WebService, this WebService has got all required APIs to provision Office 365. could not find any documentation for this WebService on the web. It would be nice if I can get documentation of this webservice.
Using PowerShell Cmdlets. Most blog users suggest this as the best way for provisioning Office 365. I tried this but need a Partner account or Tenant Administrator account who can actually provision users
Am I moving towards the right direction? If I need to test how to provision Office 365 users within my environment can I get any test/dummy tenant administrator/partner user account? It would be nice if you can answer my questions little fast.
If you're interested in reselling Office 365 subscriptions, what you want is probably to become part of the Microsoft Partner Network. There is currently no method to programmatically provision Office 365 accounts (except for -maybe- Microsoft resellers/partners)
If the Office 365 account exists already, you can programmatically provision users, groups, subscriptions, etc., but as you've seen, you either need to be a partner (who provisioned that account in the first place), or a tenant administrator.
As far as programmatic access to Azure Active Diretory (the underlying identity system that Office 365 accounts use), I strongly recommend staying away from the web service you mention (it's simply the web service used by the AAD cmdlets). You can use the PowerShell cmdlets (from .NET code if needed), or even better, the Azure Active Directory Graph API for a web-friendly RESTful interface.