Microsoft Improves Active Directory Controls for Windows Azure
Microsoft is continuing its Windows Azure management improvements.
The improvements are basic, and follow from Microsoft's addition of federation capabilities between Windows Azure and Windows Server, as announced in late November. IT pros can now expect to have a somewhat more consistent experience across the two management capabilities, according to Microsoft's Monday blog post.
One of the improvements is simple enough. IT pros using the Windows Azure portal can now manage Windows Azure users and specify their access rights. It's not clear why IT pros couldn't carry out that basic function before.
If an organization has synchronized Windows Server Active Directory with Windows Azure, then the addition or deletion of users performed on premises with Active Directory will get automatically pushed into the Windows Azure management portal. That synchronization capability requires the use of "the 3.0 release of the Azure Active Directory extension," according to Microsoft's announcement.
IT pros can now designate global account administrators from the Windows Azure management portal, and they can enforce two-factor authentication as part of the process, such as requesting identity confirmation by sending an SMS text message or automated phone call to a device. A Microsoft Channel 9 video illustrates it being done with a mobile phone serving as the second prong of the two-factor authentication. Oddly, rich clients, such as Microsoft Outlook, can't be used for the two-factor ID process, according to the video.
The domain names for users can now be a little more specific to the company. The company's URL can now be specified, such as "email@example.com, instead of firstname.lastname@example.org," according to Microsoft's announcement.
The new management capabilities are available for anyone who uses the Windows Azure management portal, as part of being a Windows Azure Active Directory tenant. That includes IT shops using Office 365, according to the announcement.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.