Project 3 - User Management and Authentication

Project 3: User Management and Authentication

Part 1: Create Groups

 Step 1: Log in to your portal with your user id (e.g. [email protected]) from https://aad.portal.azure.com and click on the Azure Active Directory, Click on Groups and Click New group

 Create a Security group called KCoder_Admin_CurrentDate as a Group Name (replace CurrentDate with CurrentMonthandYear e.g. KCoder_Admin_20201017). For Group description add Group to Manage M365 Portal. Add Michael Pattison as a member.

 Create a Security group called KCoder_Support_CurrentDate as a Group Name (replace CurrentDate with CurrentMonthandYear e.g. KCoder_Support_20201017). For Group description add Group to Support M365 Portal. Add Susan Pandya as a member.

 Take a screenshot of the Groups Blade showing both security groups. Copy the screenshot to Part 1 Step 1 of the submission document.

Part 2: Manage Role-Based Access Control (RBAC) Roles

 Step 1: Go to Azure Active Directory and click on Roles and administrators

 Click on Helpdesk administrator and click Add assignments. Add Michael Pattison's account to the Helpdesk administrator group. Copy the screenshot to Part 2 Step 1 of the submission document.

 Step 2: Use the above steps, add Susan Pandya to the Global Administrator group. Copy the screenshot to Part 2 Step 1 of the submission document.

Part 3: Examine User Sign-ins

 From the Azure Active Directory Admin Center, go to Sign-Ins and provide a screenshot of the user sign-in for the last 7 days. Copy the screenshot to Part 3 of the submission document.

Part 4: Azure Active Directory Password Reset

 Click on the Azure Active Directory on the blade and go to Password reset.

 Step 1: From the Password reset Properties blade and add the KCoder_Support_CurrentDate

group. Be sure to save the settings. Copy the screenshot to Part 4 Step 1 of the submission document. Examine the Authentication Methods, Registration, Notifications, and Customizations.

Part 5: Azure AD Banned Passwords

 From the Azure Active Directory, click on Security, click on Authentication methods under Manage.

 Step 1: Click on password protection and enter the following information. o Lockout threshold: 5 o Lockout duration in seconds: 120 o Enforce custom list: Yes o Enter at least 10 passwords in the Custom banned password list

 Save and take a screenshot. Copy the screenshot in Part 5 Step 1 of the submission document.

Resources:

Azure Active Directory Groups: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create- azure-portal

Azure AD Roles: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory- manage-roles-portal

Azure Self Service Password Reset - https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment

Azure Active Directory Banned Passwords: https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-configure-custom- password-protection