Microsoft Entra ID
Introduction
Microsoft Entra ID (formerly Azure Active Directory) is a cloud-based identity and access management service that provides secure access to resources, enforces policies, and helps manage identities across your organization. This guide will help you navigate the Microsoft Entra portal, manage users and devices, configure security features like Conditional Access, and monitor risky users and sign-ins.
Accessing the Microsoft Entra Portal
Depending on your environment, you can access the Microsoft Entra portal through the following URLs:
- General Commercial Cloud (GCC): https://entra.microsoft.com
- Government Community Cloud High (GCC High): https://entra.microsoft.us
Ensure you have the necessary administrative privileges to access and manage settings within the portal.
Navigating the Microsoft Entra Portal
Upon signing in, you’ll encounter the main dashboard, which provides an overview of your organization’s identity and access management status. Key areas include:
- Users: Manage user accounts, including creating, updating, and deleting users.
- Groups: Organize users into groups for streamlined management and policy application.
- Devices: Monitor and manage devices registered in your organization.
- Conditional Access: Set policies that control access to your organization’s resources based on specific conditions.
- Security: Access tools to monitor and respond to identity-related security risks.
Managing Users
To manage users:
- Access the Users Section:
  - Navigate to the “Users” section in the Microsoft Entra portal.
- Add a New User:
  - Click on “New user” and fill in the required details, such as username, name, and password settings.
- Edit an Existing User:
  - Select a user from the list to view or edit their properties, including group memberships, roles, and contact information.
- Delete a User:
  - Choose the user to be removed and select “Delete.” Confirm the action when prompted.
Resetting Passwords and Managing Multi-Factor Authentication (MFA)
To reset a user’s password:
- Select the User:
  - In the “Users” section, choose the user who needs a password reset.
- Initiate Password Reset:
  - Click on “Reset password” and opt to either auto-generate a password or specify a new one manually.
- Communicate the New Password:
  - Ensure the user receives the new password securely and instruct them to change it upon next sign-in.
To manage MFA settings:
- Navigate to MFA Settings:
  - Go to “Security” > “Authentication methods” > “Multi-Factor Authentication.”
- Configure MFA:
  - Set up MFA requirements, including which users or groups are required to use MFA and the authentication methods available.
- User Registration:
  - Ensure users complete MFA registration by following the prompts during sign-in or by accessing the “My Sign-Ins” page.
Managing Devices
To manage devices:
- Access the Devices Section:
  - Navigate to “Devices” in the Microsoft Entra portal.
- View Device Inventory:
  - See a list of all devices registered in your organization, including details like device name, type, and compliance status.
- Manage Device Settings:
  - Select a device to view properties, enable or disable the device, and perform actions like password reset for Windows devices.
- Configure Device Compliance Policies:
  - Set up policies to ensure devices meet your organization’s security requirements.
Configuring Conditional Access
Conditional Access policies help protect your organization’s resources by enforcing access controls based on specific conditions. To set up a policy:
- Navigate to Conditional Access:
  - Go to “Security” > “Conditional Access.”
- Create a New Policy:
  - Click on “New policy” and provide a name for the policy.
- Define Assignments:
  - Users or Workload Identities: Specify who the policy applies to.
  - Cloud Apps or Actions: Select the applications or actions the policy targets.
  - Conditions: Set conditions like sign-in risk, device platforms, or locations.
- Set Access Controls:
  - Grant: Choose to block or grant access and, if granting, whether to require MFA, device compliance, or other controls.
  - Session: Configure session controls like sign-in frequency or application enforcement.
- Enable and Review:
  - Set the policy to “Report-only” initially to assess its impact before enforcing it.
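The steps above map onto the JSON shape Microsoft Graph uses for a Conditional Access policy. The following review script is an added example, not part of the original guide or any Microsoft tooling. It checks a draft policy for the points the procedure calls out: assignments, controls, and a report-only state. The function names, the sample policy, and the placeholder group ID are assumptions. The emergency-access exclusion check is a common hardening practice rather than a step from this page.

```python
REPORT_ONLY = "enabledForReportingButNotEnforced"  # Graph value for the portal's "Report-only"

def review_policy(policy, emergency_ids=()):
    """Return findings for one policy in Graph conditionalAccessPolicy JSON form."""
    findings = []
    cond = policy.get("conditions") or {}
    users = cond.get("users") or {}
    apps = cond.get("applications") or {}
    controls = set((policy.get("grantControls") or {}).get("builtInControls") or [])

    if policy.get("state") != REPORT_ONLY:
        findings.append("state: not report-only, impact not yet assessed")
    if not any(users.get(k) for k in ("includeUsers", "includeGroups", "includeRoles")):
        findings.append("assignments: no users, groups or roles included")
    if not any(apps.get(k) for k in ("includeApplications", "includeUserActions")):
        findings.append("assignments: no cloud apps or actions targeted")
    if "All" in (users.get("includeUsers") or []):
        excluded = set(users.get("excludeUsers") or []) | set(users.get("excludeGroups") or [])
        if not excluded & set(emergency_ids):
            findings.append("assignments: all users in scope, no emergency-access exclusion")
    if not controls and not policy.get("sessionControls"):
        findings.append("controls: neither grant nor session controls set")
    if cond.get("signInRiskLevels") and not controls & {"mfa", "block"}:
        findings.append("grant: sign-in risk condition set, but no MFA or block")
    return findings

# Constructed draft policy; the group ID is a placeholder, not a real object ID.
EMERGENCY_GROUP = "00000000-0000-0000-0000-000000000001"
DRAFT = {
    "displayName": "Require MFA for risky sign-ins",
    "state": "enabled",
    "conditions": {
        "users": {"includeUsers": ["All"], "excludeGroups": []},
        "applications": {"includeApplications": ["All"]},
        "signInRiskLevels": ["high", "medium"],
    },
    "grantControls": {"operator": "OR", "builtInControls": ["mfa"]},
    "sessionControls": {"signInFrequency": {"value": 4, "type": "hours", "isEnabled": True}},
}

def corrected(policy):
    """Copy of the draft set to report-only with the emergency group excluded."""
    fixed = {**policy, "state": REPORT_ONLY, "conditions": dict(policy["conditions"])}
    fixed["conditions"]["users"] = {**policy["conditions"]["users"], "excludeGroups": [EMERGENCY_GROUP]}
    return fixed

if __name__ == "__main__":
    for label, p in (("draft", DRAFT), ("corrected", corrected(DRAFT))):
        print(label, review_policy(p, {EMERGENCY_GROUP}) or "no findings")
```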
Monitoring Risky Users and Sign-Ins
To monitor and respond to risky users and sign-ins:
- Access Identity Protection:
  - Navigate to “Security” > “Identity Protection.”
- View Risky Users:
  - Select “Risky users” to see accounts flagged for risky behavior.
- Investigate Risky Sign-Ins:
  - Click on “Risky sign-ins” to review details of sign-in attempts deemed suspicious.
- Remediate Risks:
  - User Risk Policy: Configure policies to require password changes for users with high-risk levels.
  - Sign-In Risk Policy: Set policies to require MFA for sign-ins assessed as risky.
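As an added example (not from the original guide), the script below triages exported risky-user and risky-sign-in records and maps each account to the remediation the two policies above would require. Field names follow the Microsoft Graph riskyUser and signIn resources. The records are constructed, and treating "medium" and above as a risky sign-in is an assumption you can change through `signin_floor`.

```python
from collections import defaultdict

LEVELS = {"none": 0, "low": 1, "medium": 2, "high": 3}
OPEN_STATES = {"atRisk", "confirmedCompromised"}  # not remediated, dismissed or confirmed safe

def triage(risky_users, sign_ins, signin_floor="medium"):
    """Map each account to the remediation the two risk policies would require."""
    out = defaultdict(lambda: {"actions": set(), "ips": set()})
    for u in risky_users:
        # User risk policy: password change for users at a high risk level.
        if u["riskState"] in OPEN_STATES and u["riskLevel"] == "high":
            out[u["userPrincipalName"]]["actions"].add("require password change")
    for s in sign_ins:
        # Sign-in risk policy: MFA for sign-ins at or above the floor (assumed: medium).
        level = LEVELS.get(s["riskLevelDuringSignIn"], 0)
        if s["riskState"] in OPEN_STATES and level >= LEVELS[signin_floor]:
            entry = out[s["userPrincipalName"]]
            entry["actions"].add("require MFA")
            entry["ips"].add(s["ipAddress"])  # kept for the investigation step
    return {upn: {k: sorted(v) for k, v in e.items()} for upn, e in sorted(out.items())}

# Constructed sample records; names and addresses are documentation values.
RISKY_USERS = [
    {"userPrincipalName": "avery@contoso.example", "riskLevel": "high", "riskState": "atRisk"},
    {"userPrincipalName": "blake@contoso.example", "riskLevel": "high", "riskState": "remediated"},
    {"userPrincipalName": "casey@contoso.example", "riskLevel": "low", "riskState": "atRisk"},
]
SIGN_INS = [
    {"userPrincipalName": "avery@contoso.example", "riskLevelDuringSignIn": "medium",
     "riskState": "atRisk", "ipAddress": "203.0.113.10"},
    {"userPrincipalName": "casey@contoso.example", "riskLevelDuringSignIn": "low",
     "riskState": "atRisk", "ipAddress": "198.51.100.7"},
    {"userPrincipalName": "drew@contoso.example", "riskLevelDuringSignIn": "high",
     "riskState": "dismissed", "ipAddress": "198.51.100.8"},
    {"userPrincipalName": "erin@contoso.example", "riskLevelDuringSignIn": "high",
     "riskState": "atRisk", "ipAddress": "192.0.2.44"},
]

if __name__ == "__main__":
    for upn, entry in triage(RISKY_USERS, SIGN_INS).items():
        print(upn, entry)
```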