John’s Masterclass has been a uniquely interesting, absorbing and rewarding experience: top quality training materials and lots of interaction with John and fellow attendees. I’ve come away with all expectations exceeded and feeling confident that I will now be able to address a number of challenges in my company environment.
Are you interested in booking a private John Craddock Identity Masterclass for your team via Zoom? Would you like to be the first to hear about new dates for public courses via Zoom?
Please Please contact us or complete this short form.
Who is John Craddock’s Microsoft Identity Masterclass for?
The 5-day Microsoft Identity Masterclass is for those who wish to learn how identity solutions offered by Azure Active Directory, on-premises AD FS and AD can help you build identity systems for the future. It takes place remotely via Zoom.
What will I learn?
The Microsoft Identity Masterclass with John Craddock dives deep into:
Authentication protocols and associated trouble-shooting
Managing Azure AD using the portals, PowerShell and graph APIs
Hybrid considerations including web app proxy, pass-through authentication and AD FS
Working with SaaS, WS-federation, OAuth2.0 apps, and supporting WIA apps in a claims environment
Enabling B2B and B2C
Application developers who are tasked with integrating authentication and authorization with Microsoft Azure and/or on-premises AD FS will greatly benefit from the detailed coverage. Code development is not included in the class, but you will learn about all of the configuration requirements.
About John Craddock’s Microsoft Identity Masterclass
John Craddock’s “awesome” Microsoft Identity Masterclass is a high-energy, action-packed deep dive into Microsoft Azure AD, crammed with solid information and tips. John will help build your knowledge and consolidate your new skills with 37 hands-on labs.
The extensive use of hands-on labs enables you to learn fundamentals and principles, and how to deploy and troubleshoot solutions. In-depth knowledge will also be gained through the use of tools such as Fiddler, to analyze and understand the protocol flows.
The hands-on labs are all run in a cloud-based virtual environment that will be available to you for 60 days after the course is completed. This will allow you to do the labs again and to test out other ideas.
See the course outline tab above for exactly what you’ll learn.
At the end of the course you will:
Understand how the identity solutions offered by Azure Active Directory, on-premises AD FS and AD can help you build identity systems for the future using protocols that include OpenID Connect and OAuth 2.0
Know how to authenticate and provide authorization factors to applications that can be located on-premises or in the cloud. The source of identity of the users could be from your own corporate network, your Azure AD domain, a partner organization and/or a social identity provider such as Facebook or Google.
Post-course, you’ll have:
A pdf of the hands-on manual and slides used during the Masterclass
60 days’ access (from the first day of the Masterclass) to 37 hands-on labs in a cloud-based virtual environment
About John Craddock
John Craddock is a Microsoft MVP (Most Valuable Professional) and has been involved in Microsoft solutions since the early days of Windows and Windows NT. John spoke on Active Directory at the Windows 2000 launch events and has focused on identity solutions since the first release of AD FS for Windows Server 2003.
He is an identity and security architect and has been involved in many IT projects for industry leaders including Microsoft, the UK Government and multi-nationals. He is a well-known international speaker, and has delivered this Masterclass to professionals throughout the world.
This course is live instructor-led training via Zoom.
After a comprehensive introduction to today’s identity challenges and solutions, you will learn the details of the authentication protocols. This in-depth coverage of the protocols will allow you to troubleshoot any problems you may encounter when deploying solutions. As we go through the hands-on labs, you will be expected to troubleshoot any issues you may encounter during the Masterclass. Of course, John will be there if you need help.
Day 1 hands-on labs include:
Creating an Azure Active Directory
Capturing and analysing HTTP/HTTPS sessions using Fiddler
Enabling Kerberos on a website
Troubleshooting Kerberos network traffic using Wireshark
Tracing the WS-federation protocol
After completing our investigation of the protocols, you will learn how to configure the Azure Active Directory to meet your requirements. You’ll discover how to manage the Azure AD through the Azure Portal, using PowerShell and the GraphAPIs. After adding custom domains and branding to your Azure AD, you will see how to enhance security and the user experience using self-service password resets, and MFA.
Day 2 hands-on labs include:
Investigating OpenID Connect
Adding custom domains to Azure AD
Managing Azure AD with PowerShell
Using Graph Explorer
Self-service password resets
Enabling Multi-Factor Authentication
You will start the day by deploying Azure AD Connect to synchronize on-premises AD users to Azure AD. We will then investigate pass-through authentication and the new SSO capabilities provided by Azure AD Connect. You will learn about the SSO capabilities of Windows 10 when it is joined to Azure AD and how Windows Hello, the authenticator app and FIDO 2 keys can eliminate the need for passwords.
At this stage, you will have created a reliable identity infrastructure, and now it’s time to make applications available to our users.
You will start by deploying a SaaS app to your users; configuring groups, assignments and self-service application management. You will then deploy your own applications into Azure AD using both WS-Federation and OpenID Connect / Oauth2.0.
Day 3 hands-on labs include:
Installing and configuring synchronization with Azure AD Connect
Investigating pass-through authentication and SSO
Working with SaaS applications
Self-service application management
Configuring a WS-Federation App with Azure AD
Configuring an Open ID Connect / OAuth 2.0 app with Azure AD
The day starts by diving deeper into the application model and learning about managing permissions, roles, groups, delegation, APIs and consent. You will discover how to turn your application into a multi-tenant app and make it available to all users from all Azure AD tenants. You proceed to work with the Azure AD Application Proxy to publish applications to the Internet.
Day 4 hands-on labs include:
Managing permission roles and groups
Defining WebAPI permissions
Deploying a V2 app and testing consent
Publishing a claims-aware application with the Azure AD application proxy
The day starts with configuring the Azure AD application proxy to work with Kerberos constrained delegation and then continues with configuring AD FS and understanding how to federate with Azure AD. You will then learn how to configure an OpenID Connect /OAuth 2.0 application to work with AD FS. We will then stretch our boundaries and see how Azure AD can open access to consumers (B2C) and businesses (B2B).
Day 5 hands-on labs include:
Publishing an application using Windows Authentication via Kerberos Constrained Delegation
Configuring AD FS
Enabling Federated SSO
Installing and configuring an OpenID Connect app on AD FS
Multi-tenant versus federated applications
Managing B2B invitations and guest users
Taking over an unmanaged tenant
Discover why John Craddock’s Microsoft Identity Masterclass is so highly recommended by students:
To attend the Masterclass, you need to be a confident IT administrator with a thirst for knowledge. The Masterclass doesn’t teach basic Azure AD administration, but because of the extensive hands-on, you can come to this class with no prior knowledge of Azure AD. You will pick up the basics as we focus on the more challenging topics.
To gain the maximum from this class and the hands-on labs, you will need hands-on system administrator’s skills. For example, you will need to know how to:
Create and manage groups, OUs and group policies in an on-premises AD
Perform basic server/DC troubleshooting (for example check if a service is running, and restart it)
Add a DNS record
Add an URL to a browser’s Intranet zone
In my roughly 20+ years in the IT industry, this was by far the best class I have taken. Typically, a lot of classes marked as “advanced” in any way, don’t always meet everyone’s expectations. The level of detail on everything was fantastic, and all of the material being kept up to date to even include recent preview features was greatly appreciated. The labs were all set up in a way that you were given enough information to succeed, but you had to actively engage to complete them. This by far helps with retention in learning new information.
Not only did the class meet my expectations in content provided, it far exceeded it.
Steve, Senior Server Engineer, US John Craddock's Identity Masterclass - live via Zoom, 2020
The masterclass is excellent. It is the most in-depth content related to the management of identity in the Microsoft arena that I have seen around. I am very satisfied!
Giovanni, IT Consultant, UK John Craddock's Identity Masterclass - live via Zoom, 2020
Excellent content and very thorough. The course shows the background mechanics for application and session management in Azure. It fills in a lot of grey areas.
Rich, IT Systems Architecture, US John Craddock's Identity Masterclass - live in the classroom, 2019