Our Blog

where we write about the things we love



Managing User Accounts in Office 365

Managing users, domains, licensing, services and other admin-related tasks is easy via the Office 365 admin centre portal. 

The Office 365 admin centre portal is available to organisations using Microsoft services such as Exchange Online, CRM Online or SharePoint Online.

Managing users is a pretty straightforward task but you need to understand the three different ways to manage user accounts before proceeding. I will show you the difference between each user management option in this blog post.

To start managing your services, login to the Office 365 Admin Center using your administrator credentials. You will see something like this screenshot:

There are three different ways you can manage user accounts in Office 365. The diagram below summarises the differences:

Office 365 users (level: Easy)

Users are created in the Office 365 by assigning login names @orgname.onmicrosoft.com by default, or @yourdomain.com. User information such as names, job title, and password is stored in Office 365.

This is suitable for small-sized businesses with no on-premises Active Directory or no IT team.

Active Directory users (level: Intermediate)

Users are created and managed in on-premises Active Directory with data synchronised to Office 365.

In this case on-premises Active Directory is the source of truth. Using Directory Sync installed on an on-premises machine users, including their usernames and passwords, are copied from the on-premises Active Directory to Office 365, allowing them to login to Microsoft Online services using their Active Directory credentials.

This is suitable for medium-sized businesses with on-premises Active Directory, but small or minimal IT team.

Activer Directory users plus Single Sign-On (level: Advanced)

With Active Directory users still need to type in the passwords to login to Microsoft Online services, the same passwords stored in the on-premises Active Directory. In the Single Sign-On approach, authentication is done via Active Directory Federation Services (ADFS). In addition to on-premises Active Directory, in this approach you need to have another server setup for ADFS. You create a relying trust between ADFS (on-premises, accessible from the external network) with Office 365.

When logging in to Microsoft Online Services and typing username@yourdomain.com, the login page will immediately redirect you to the ADFS server for authentication. For the users within the company’s network, they will be authenticated straight away without having to type in their passwords. Otherwise, they will be prompted for password on the Security Token Service (STS) page served by ADFS.

This is suitable for enterprise-sized businesses with on-premises Active Directory and professional IT team.

In summary Office 365 provides flexible, yet secure, ways to integrate its services into an organisation's infrastructure, accommodating SMB and Enterprise needs alike through an easy to use interface.

Posted by: Stephanus Natawardaja | 06 March 2014

Tags: SaaS, Cloud Computing, Office 365

Top Rated Posts

Blog archive

Stay up to date with all insights from the Intergen blog