Windows Azure

Associate an Organizational Azure Active Directory with a Windows Azure Subscription

Q: How can I associate an organizational Azure Active Directory instance with my Windows Azure subscription?

A: When you create most Microsoft services, an Azure Active Directory instance is created behind the scenes. There will be times when you'll want to be able to manage this Azure Active Directory instance through the regular Windows Azure portal, as well as use your Windows Azure subsciption to manage your Azure Active Directory users. To do this, you'll need to link your organizational Azure Active Directory instance with your Windows Azure subscription as follows.

  1. Log on to Azure with your Microsoft ID (e.g., https://manage.windowsazure.com).
  2. Navigate to the Active Directory workspace.
  3. Select New, App Services, Active Directory, Directory, Custom Create.
  4. Select Use existing directory from the drop-down menu, select the I am ready to be signed out now check box, and click the check mark, as the following figure shows.
  5. You'll be logged out. When you log on again, you should log on as a global administrator of the organization's Azure Active Directory instance that you want to add to the Azure subscription.
  6. You'll be prompted to use the directory with Windows Azure. Click continue, as the following figure shows.
  7. Click Sign out now.
  8. Log back on to your Azure subscription as a regular Azure user (e.g., Live ID).
  9. If you now select Active Directory workspace, you'll see your organization's Azure Active Directory instance.
  10. If you look at the users, you'll see a new user that's actually your Live ID—which is now part of your organizational Azure Active Directory. This is what allows the access. If you ever want to disassociate your organizational Active Directory instance with your Windows Azure subscription, just delete this user (shown in the following figure).
  11. You can go one step further and make the organizational Azure Active Directory instance the main directory for your Azure subscription, which will allow you to make users from the organizational Azure Active Directory co-administrators of the Windows Azure subscription. From the Subscriptions menu, select Manage subscriptions/directory.
  12. Select the subscription and click Edit Directory, as the following figure shows.
  13. The selected directory is your organizational Azure Active Directory (the only other directory available). Click Next, Complete. To change back to the automatically created Azure Active Directory for your Live ID, just repeat this step, specifying your built-in Azure Active Directory, as the following figure shows.
  14. Refresh the portal. To add users from your organizational Azure Active Directory, navigate to the Settings workspace and select Administrators.

At this point you can manage your organizational Azure Active Directory through the Azure portal, as well as give users access to your Azure subscription.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish