Managing Windows Azure AD from the Windows Azure Portal 1– Sign Up with an Organizational Account

Byvibro on
5 Comments

Here there’s the first of three super quick visual guides about playing with the new Windows Azure Active Directory features in the Windows Azure portal. Please make sure you read Alex’s announcement and watch Abhishek’s video first!

I’ll try to keep the word count down, and let the screenshots speak! Hopefully this will entice you to try things yourself, and provide some reassurance if you are going through the process and get stuck. Note, I didn’t work at all on this great feature! All the credit goes to the UX and directory teams, who did a super job here. I just went through the following steps as any other customer would, and took screenshots along the way.

I broke down things in three posts:

  1. This post shows you how to sign up for a new Windows Azure subscription using an organizational account from an existing Windows Azure Active Directory tenant (e.g. your existing directory from an Office 365 subscription, etc). This option is actually not new, it was already available to you few weeks ago. I captured it anyway to give you a full end-to-end walkthrough with coherent names & screens.
  2. The second post will go through the main directory management features offered by the portal
  3. The third post will demonstrate something really really cool: we’ll create a new directory user, make it a global admin in the directory, and a co-admin in the Windows Azure subscription. Then… we’ll configure that account to enforce phone-based additional authentication factor when accessing the portal Smile pretty awesome, eh? Spoiler alert: there will be pictures of my phone.

Ready? Let’s dive right in.

Navigate to www.windowsazure.com.

image

Click on the free trial link.

 

image

Wow, it looks like you can get a lot of stuff with this free trial! Hit “Try it Free”.

 

image

Take a moment to study this screen. On the right hand side you can find the usual controls for signing in via existing Microsoft Account.
If you take a look at the left hand side, you’ll notice that the splash image offers another couple of options. We said that we want to sign up using our organizational account, and there we can find exactly the right option: “Office 365 users: sign in with your organizational account”. Click it.

 

image

If you played with our dev preview, for example with the ASP.NET tool for Windows Azure AD, you are already familiar with this screen: it’s the sign in page for Windows Azure AD. I have a directory tenant we’ve been using for playing with the AAL samples, I’ll use the admin user from that. You can use the admin any of from your existing tenants (if you don’t have any, consider taking a look here).

 

image

That tenant is not associated to any Windows Azure subscription… yet: that’s why we are going though this tutorial Smile for starting the trial provisioning process, click on sign up.

 

image

This screen informs you of what you’ll get, and what you’ll need to set things up: namely, a mobile phone and a credit card. Don’t worry, the trial does not charge! It’s for identification purposes only. Click the arrow on the lower right.

 

image

First verification step: you provide a mobile phone number, and Windows Azure sends you a code via SMS. Enter your mobile # and keep an eye on your phone.

 

image

Within few seconds, your phone will buzz with a message. Copy the code you received in the page, which will magically produce a field for it.

 

image

Once the code is verified, you can move on to the next step via the arrow on the lower right.

 

image

Last step! Here you can enter your credit card details, which will be used to identify you. Did I mention it’s for identification purposes only? Fill things in, then hit next.

 

image

Et voila’! You now have a trial subscription associated you your directory user (as opposed to a “traditional” subscription, where you would have used a Microsoft Account). In fact, you are already signed in (if you observed the top right corner you’ll see you already were earlier; you simply didn’t have a subscription). Hit the portal link and…

 

image

You’re in! Take the tour or skip it, you your heart’s content; anyway, once you’re done with that dialog, take a look at the vertical list of tabs on the right. You’ll see there is an entry for active directory: click it.

 

image

Here we start to see something that wasn’t there before: along with the access control namespace header, there is now a new enterprise directory header. Under that, you’ll find the directory tenant to which the current user belong. If you click on it, all sorts of interesting things will show up… as explained in the next post!