This year is closing with the biggest set of capabilities ever released in one day from the Azure Active Directory team. Many features are coming in public preview for the first time and others are now generally available, on December 11th.
Starting with the general availability announcement of Azure Active Directory Application Proxy, Azure Active Directory can now provide single sign-on and secure remote access to all kinds of web applications hosted on-premises. Application Proxy will make possible the publishing of web applications and will be available in both Premium and Basic editions. Now your on-premises web apps can be delivered in the same way a SaaS application does, ensuring a cohesive and smooth experience for your end users.
For more details on Application Proxy and all the other released capabilities, read the Active Directory team blog.
Password writeback from Azure Active Directory to on-premises directories is generally available. Password changes on the cloud can be written back to your on-premises directories through Azure Active Directory Sync.
Administrative Units are coming in public preview to enable large enterprises sub-divide their directory and delegate administrative permissions across their complex organizations.
SaaS applications, supporting password SSO, can now be manually added by administrators to their Azure Active Directory tenants. This capability is introduced in public preview. This custom addition of applications to Azure Active Directory tenants is extended to the point that almost any link to applications can be added and assigned to end-users’ Access Panel, independent of single-sign on method and whether or not they exist in the Azure Active Directory Application Gallery.
With the above additions the Azure Active Directory Access Panel can be the point of launching SaaS applications from the Application Gallery or custom, web applications published from on-premises (via the Application Proxy) and any application with a link that can be publicly accessed.
Security questions as an option for secure self-service password reset is also coming in public preview. Users that don’t have access to a phone or an email account can answer a number of predefined security questions to prove their identity and get permission to reset their passwords from the myapps.microsoft.com web page (Access Panel)
We will continue to share Azure Active Directory, Azure Multi-Factor Authentication and Hybrid Identity news from this blog.