Microsoft Entra ID Lab

Cloud & Hybrid Identity Provisioning | Conditional Access | Automation

Overview

This module simulates cloud identity provisioning and access management using Microsoft Entra ID (formerly Azure AD). It includes hands-on demonstrations of cloud-only user creation, hybrid sync from on-prem Active Directory, group-based license assignment, and Conditional Access policies.

📚 What This Covers

Cloud-only user creation (manual, CSV, PowerShell)
Hybrid identity provisioning from on-prem AD via Microsoft Entra Connect (formerly Azure AD Connect)
Group-based license assignment
Conditional Access enforcement (MFA, device-based policies)

📁 Lab Sections

User Provisioning

Create users manually, in bulk via CSV, or with PowerShell. Sync identities from AD via Entra Connect and automate license assignment.

Hybrid Identity

Install and configure Azure AD Connect, set OU filtering, verify sync, and enable password hash sync.

Conditional Access

Configure policies to enforce MFA, block legacy authentication, and require compliant devices.

🛠 Tools Used

Admin Portals: Microsoft Entra Admin Center, Microsoft 365 Admin Center
Command-line & Scripting: PowerShell (AzureAD & MSOnline modules)
Infrastructure: Azure AD Connect, On-Prem Windows Server (Hyper-V or VirtualBox)

🔗 Related Labs

This lab assumes the on-prem AD forest and OU structure covered in the Active Directory Lab.