Every Azure environment begins with a tenant, and within that tenant live the users and groups that form the foundation of your identity management strategy. This lesson explores how to create, manage, and organise these identity objects.
A tenant represents a single organisation in Microsoft Entra ID. When your organisation signs up for Azure, Microsoft 365, or any other Microsoft cloud service, a tenant is automatically created.
| Property | Description |
|---|---|
| Tenant ID | A globally unique GUID (e.g., 72f988bf-86f1-41af-91ab-2d7cd011db47) |
| Primary domain | The default .onmicrosoft.com domain |
| Custom domains | Verified domains you add (e.g., contoso.com) |
| Country or region | Determines the data-residency location |
You can establish cross-tenant access settings (B2B collaboration) to share resources between tenants.
Entra ID supports two primary user types:
| Type | Description |
|---|---|
| Member | A full member of the directory, typically an employee |
| Guest | An external user invited via B2B collaboration |
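```bash
# Azure CLI: create a member user.
# The password shown is an example value only.
az ad user create \
  --display-name "Jane Smith" \
  --user-principal-name jane.smith@contoso.com \
  --password "SecureP@ssw0rd!" \
  --mail-nickname jsmith
```

```powershell
# Microsoft Graph PowerShell: create the same user and
# force a password change at first sign-in.
New-MgUser -DisplayName "Jane Smith" `
  -UserPrincipalName "jane.smith@contoso.com" `
  -PasswordProfile @{ Password = "SecureP@ssw0rd!"; ForceChangePasswordNextSignIn = $true } `
  -MailNickname "jsmith" `
  -AccountEnabled
```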
Users have a rich set of properties including:
Groups simplify access management by allowing you to assign permissions to a collection of users rather than to individuals.
| Type | Description |
|---|---|
| Security | Used to manage access to resources (RBAC role assignments, app access) |
| Microsoft 365 | Used for collaboration (shared mailbox, SharePoint site, Teams channel) |
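As an added example (not part of the original lesson), the audit below combines the user-type and group-type tables: it classifies groups as Security or Microsoft 365 from their Microsoft Graph flags and lists Guest users who belong to them. The sample data is constructed, and the `members` list of user ids is an assumed export shape.

```python
import json

# Constructed sample data (not from a real tenant). Field names follow
# Microsoft Graph user and group objects; the "members" list of user ids
# is an assumed export shape, e.g. joined from /groups/{id}/members.
EXPORT = json.loads("""
{
  "users": [
    {"id": "u1", "userPrincipalName": "jane.smith@contoso.com", "userType": "Member"},
    {"id": "u2", "userPrincipalName": "sam_fabrikam.com#EXT#@contoso.onmicrosoft.com", "userType": "Guest"},
    {"id": "u3", "userPrincipalName": "lee_example.org#EXT#@contoso.onmicrosoft.com", "userType": "Guest"}
  ],
  "groups": [
    {"displayName": "sg-finance-readers", "securityEnabled": true, "mailEnabled": false, "groupTypes": [], "members": ["u1", "u2"]},
    {"displayName": "Project Falcon", "securityEnabled": false, "mailEnabled": true, "groupTypes": ["Unified"], "members": ["u1", "u3"]},
    {"displayName": "sg-empty", "securityEnabled": true, "mailEnabled": false, "groupTypes": [], "members": []}
  ]
}
""")


def group_kind(group):
    """Map Graph group flags onto the lesson's two group types."""
    if "Unified" in (group.get("groupTypes") or []):
        return "Microsoft 365"
    if group.get("securityEnabled"):
        return "Security"
    return "Other"  # e.g. a distribution list


def guests_in_groups(export, kind="Security"):
    """Return sorted (group name, guest UPN) pairs for groups of the given kind."""
    guests = {u["id"]: u["userPrincipalName"]
              for u in export["users"] if u.get("userType") == "Guest"}
    findings = []
    for g in export["groups"]:
        if group_kind(g) != kind:
            continue
        for member_id in g.get("members", []):
            if member_id in guests:
                findings.append((g["displayName"], guests[member_id]))
    return sorted(findings)


if __name__ == "__main__":
    for name, upn in guests_in_groups(EXPORT):
        print(f"guest {upn} is in security group {name}")
```

Guests in Security groups inherit whatever RBAC roles and app access the group holds, so they are the findings to review first.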