Microsoft Entra ID Lab

Cloud & Hybrid Identity Provisioning | Conditional Access | Automation

📖 Overview

This module simulates cloud identity provisioning and access management using Microsoft Entra ID (formerly Azure AD). It includes hands-on demonstrations of cloud-only user creation, hybrid sync from on-prem Active Directory, group-based license assignment, and Conditional Access policies.

📚 What This Covers

👤 Cloud-Only User Creation

Create users manually, through bulk CSV import, or using PowerShell automation.

🔗 Hybrid Identity Provisioning

Sync on-prem Active Directory accounts into Entra ID with Entra Connect.

👥 Group-Based License Assignment

Automatically assign Microsoft 365 licenses to users based on group membership.

Conditional Access Enforcement

Secure access with MFA, device compliance policies, and user risk conditions.

Lab Sections

User Provisioning

Create users manually, in bulk via CSV, or with PowerShell. Sync identities from AD via Entra Connect and automate license assignment.

View Walkthrough

Hybrid Identity

Install and configure Azure AD Connect, set OU filtering, verify sync, and enable password hash sync.

View Walkthrough

Conditional Access

Configure policies to enforce MFA, block legacy authentication, and require compliant devices.

View Walkthrough

🛠 Tools Used

Admin Portals: Microsoft Entra Admin Center, Microsoft 365 Admin Center
Command-line & Scripting: PowerShell (AzureAD & MSOnline modules)
Infrastructure: Azure AD Connect, On-Prem Windows Server (Hyper-V or VirtualBox)

🔗 Related Labs

This lab assumes the on-prem AD forest and OU structure covered in the Active Directory Lab.