There has been some news about Windows Azure Active Directory recently. Yesterday an announce has been made about a deeper integration between Windows Azure portal and Windows Azure Active Directory (http://blogs.msdn.com/b/windowsazure/archive/2013/03/04/more-identity-and-access-management-improvements-in-windows-azure.aspx).
I had created a Windows Azure Active Directory standalone tenant a few weeks ago. You can do this yourself; it is available at https://activedirectory.windowsazure.com/Signup/QuickSignup.aspx?ru=https://activedirectory.windowsazure.com/default.aspx&ali=1.
In order to access Windows Azure resources from a Windows Azure Active Directory (from now on WAAD) account, it is possible to go the Windows Azure Management portal (https://manage.windowsazure.com) and connect like an Office 365 user. In this case we’ll see how to create a free subscription with this account.
Browse to https://manage.windowsazure.com
you receive a text message on your phone that you can enter:
You can then fill the following form. Note that the e-mail can be changed to an e-mail address where you prefer to receive messages (this may not be the same as your WAAD account).
Click Next, and the subscription will be created
before you are redirected to the following page:
click on the Portal link in the upper right corner. You get a few welcome screens that show how the portal works:
then you get the usual experience:
In the Active Directory part of the portal, you can access your WAAD domain and manage users. In particular, you can create a co-admin account and ensure this account connects only with 2 factor authentication:
Add the user as a co-admin
Then, this user can connect thru https://activedirectory.windowsazure.com
you receive an SMS on your phone and you are asked to answer it with a code
Type the code on the phone and answer the SMS
Then this user can connect to the management portal
Benjamin
Blog Post by: Benjamin GUINEBERTIERE