Recently I gave a presentation on managing users with Azure Active Directory. In this presentation, I start by asking how many people in the room are using Azure AD. All hands go up. I then start the presentation by showing how we kick off automation by being sure to populate a few key fields in the user profile. Then we followed along one of the automation paths that are enable by simply typing a few letters into a field in the profile.
- dynamic group membership
- license assignment
- permissions to various teams and groups
Then we send an email to join the computer and then
- application installation
- device configuration
- sensor deployment
- policies
By the time I got to the first item, dynamic group membership, all but a single member of the audience had lowered their hands. No one was actually using features of Azure AD. But everyone was either doing a few of these items manually or using a third-party tool.
Here’s my pet peeve. If you don’t know how the underlying technology works, then you shouldn’t buy a tool. Your first step you be to learn. Until you learn you don’t know, what you don’t know and you don’t know how to judge whether or not that tool is doing a good job or a so-so job at adhering to the secure methods that this all should be done. Is the tool doing things the right way? Or is it doing it in some 1990’s way? You don’t know because you don’t know how it is supposed to be done.
Until you know how something is supposed to be done, please don’t buy a tool to do that thing for you. Vendors aren’t crutches.