This Azure tutorial will discuss the quick steps to set up Microsoft Entra ID.
Table of Contents
Microsoft Entra ID Configuration Step-By-Step
We should have a little idea of What is Microsoft Entra ID.
Follow the below steps.
1. Log in to Azure Portal (https://portal.azure.com/)
2. Once you log in, click on the + Create a resource from the left navigation menu.
3. Search for the Microsoft Entra ID on the New page and click on the search result, as shown in the screenshot below.
4. Click on the Microsoft Entra ID option from the Create dropdown.
5. Select the tenant type as Microsoft Entra ID or Azure AD B2C based on your requirement. Then click on the Next: configuration button.
Note: You must own a paid license to choose the Microsoft Entra ID option for creating the Microsoft Entra Workforce tenant.
6. On the Create Tenant page, enter the Organization name, Initial domain name, and location or Region; select the subscription, Choose a Resource Group, and then click the Review + Create Button.
7. Now, click on the Create button.
8. Navigate to the Azure Active Directory you have created. From the left navigation, expand Manage, click on App registrations, and then click on the + New registration link.
Provide the application’s name, choose the other options like below, and then click on the Register button.
If you want to see all the registered applications under that Azure Active Directory, click on the App registrations and the All application options.
You can click on the registered application and then set the Redirect URLs and Application ID URL by clicking on the Add a Redirect URL and Add an Application ID URL links.
Now you can click on the Endpoints to see all the endpoints, including the Microsoft GraphAPI. You can copy these endpoints if you need to use those externally.
From the left-hand menu, click on API permission, then click on + Add permission. From the list of APIs, click on Microsoft Graph.
Now, from the Request API permissions, you can choose the Delegated permissions, select the needed permission under the Permission section based on your business needs, and click on the Add Permissions button.
You can also choose the Application permissions based on your business needs.
In the same way, you can choose other APIs, such as Azure DevOps, Azure Key Vault, Azure Rights Management Services, Azure Service Management, and Azure Storage, based on your business needs.
Now, to configure Azure Active Directory single sign-on, Navigate to the Azure Active Directory, click on the App registrations, and then you can click New application registration to add a new application
On the Register, an application page, Provide a name, Choose an option for Who can use these applications, or access this API? and then choose the Redirect URI as a Public client/native (mobile/desktop) option and provide the required URI then click on the Register button.
Click on the API permissions and then + Add a permission —> Select an API based on your requirement.
FAQs
How do I manually sync my Azure AD?
We can manually sync the Azure Active Directory using the PowerShell cmdlet. Follow the below steps to sync your Azure AD.
1. Open the Windows PowerShell or PowerShell ISE in administrator mode.
2. Run the below cmdlet to import the ADSync module
Import-Module ADSync
3. You can use the below PowerShell cmdlet
PS C:\WINDOWS\system32> Start-ADSyncSyncCycle -PolicyType Delta
Or, you can also use the below PowerShell cmdlet to force AD sync
PS C:\WINDOWS\system32> Start-ADSyncSyncCycle -PolicyType Initial
You may also like following the tutorials below
Conclusion
Well, in this tutorial, we discussed Azure Active Directory configuration step by step.
I am Bijay, a Microsoft MVP (10 times) having more than 17 years of experience in the software industry. During my IT career, I got a chance to share my expertise in SharePoint and Microsoft Azure, like Azure VM, Azure Active Directory, Azure PowerShell, etc. I hope you will learn from these Azure tutorials. Read more
