Mere months after adding federation capabilities between Windows Server and Windows Azure last year, Microsoft has now made some management improvements to its Azure platform.
These new management capabilities are available for all users of the Windows Azure management portal — meaning everyone that is part of Windows Azure Active Directory, including Office 365 and other Microsoft cloud based services.
Alex Simons, the director of PM, Windows Azure Active Directory detailed the upgrades in a lengthy post on the official Windows Azure blog on MSDN.
IT professionals can now enjoy a streamlined experience across the two management capabilities. The first one is basic but much needed. Professionals using the Windows Azure portal can now manage Windows Azure users and specify their access rights.
Don’t ask why this basic function was missing in the first place.
Organizations that have synchronized Windows Server Active Directory with Windows Azure can add and delete users on premises using Active Directory, and these changes will automatically be pushed into the Windows Azure management portal.
Redmond says that this synchronization capability requires the use of the 3.0 release of the Azure Active Directory extension.
Global account administrators can now also be designated from the Windows Azure management portal, and two-factor authentication can be enforced as part of the process — such as identity confirmation via a SMS text message or automated phone call to a device.
Microsoft has also put up a Channel 9 video that illustrates this two-factor authorization being done with a mobile phone. Oddly enough Microsoft Outlook still cannot be used for the ID process.
