# Active Directory

* Microsoft cloud-based identity and access management service.<br>

* Azure AD helps employees of an organization sign in and access resources:<br>

  * External resources - Microsoft 365, the Azure portal, and thousands of other software as a service (SaaS) applications.<br>
  * Internal resources -  Apps on your corporate network and intranet, along with any cloud apps developed by your own organization.<br>

* Provides services such as:<br>
  * Authentication - Functionality such as self-service password reset, multi-factor authentication (MFA), a custom banned password list, and smart lockout services.<br>
  * Single sign-on (SSO).<br>
  * Application management - Manage your cloud and on-premises apps.<br>
  * Business to business (B2B) identity services - Manage your guest users and external partners while maintaining control over your own corporate data.<br>
  * Business-to-customer (B2C) identity services - Customize and control how users sign up, sign in, and manage their profiles when using your apps with services.<br>
  * Device management - Manage how your cloud or on-premises devices access your corporate data.<br>

* Single sign-on:<br>
  * Users need to remember only one ID and one password.<br>
  * Access across applications is granted to a single identity tied to a user, simplifying the security model.