Azure AD Identity Protection for your Microsoft 365 for enterprise test environment
This Test Lab Guide can only be used for Microsoft 365 for enterprise test environments.
You can use Azure Active Directory (Azure AD) Identity Protection to detect potential vulnerabilities that affect your organization’s identities, configure automated responses, and investigate incidents. This article describes how to use Azure AD Identity Protection to view the analysis of your test environment accounts.
Setting up Azure AD Identity Protection in your Microsoft 365 for enterprise test environment involves two phases:
- Phase 1: Build out your Microsoft 365 for enterprise test environment
- Phase 2: Use Azure AD Identity Protection
For a visual map to all the articles in the Microsoft 365 for enterprise Test Lab Guide stack, go to Microsoft 365 for enterprise Test Lab Guide Stack.
Phase 1: Build out your Microsoft 365 for enterprise test environment
If you only want to test Azure AD Identity Protection in a lightweight way with the minimum requirements, follow the instructions in Lightweight base configuration.
If you want to test Azure AD Identity Protection in a simulated enterprise, follow the instructions in Pass-through authentication.
Testing Azure AD Identity Protection doesn't require the simulated enterprise test environment, which includes a simulated intranet connected to the Internet and directory synchronization for an Active Directory Domain Services (AD DS) forest. It is provided here as an option so that you can test Azure AD Identity Protection and experiment with it in an environment that represents a typical organization.
Phase 2: Use Azure AD Identity Protection
- Open a private instance of your browser and sign in to the Azure portal at https://portal.azure.com with the global administrator account of your Microsoft 365 for enterprise test environment.
- In the Azure portal, type identity protection in the search box, and then select Azure AD Identity Protection.
- In the Identity Protection - Overview blade, select each report to see what it's reporting.
- Under Notify, select Users at risk detected alerts.
- In the Users at risk detected alerts pane, select Medium.
- For Emails are sent to the following users, select Included and verify that your global admin account is in the list of selected members.
- Select Save.
Under Protect, select various policies to see how to configure them. If you create and activate a policy, make sure that it's not blocking access for all users, or you might not be able to sign in. To prevent this, exclude specific user accounts, such as global admins.
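The following added example (not part of the original article or of any Microsoft tooling) shows one way to check policies for the lockout condition described above before you activate them. It assumes the policies are available as JSON in the Microsoft Graph conditionalAccessPolicy shape; the function name `lockout_findings`, the sample policies, and the account object IDs are constructed for illustration.

```python
import json

# Well-known template ID of the Global Administrator directory role.
GLOBAL_ADMIN_ROLE = "62e90394-69f5-4237-9190-012177145e10"
# Constructed object ID standing in for a test-lab emergency-access account.
BREAK_GLASS = "00000000-0000-0000-0000-0000000000aa"

# Constructed sample policies (assumed Microsoft Graph conditionalAccessPolicy shape).
SAMPLE_POLICIES = json.loads("""[
 {"displayName": "Block high sign-in risk", "state": "enabled",
  "conditions": {"signInRiskLevels": ["high"], "users": {"includeUsers": ["All"]}},
  "grantControls": {"builtInControls": ["block"]}},
 {"displayName": "Block high user risk", "state": "enabled",
  "conditions": {"userRiskLevels": ["high"],
                 "users": {"includeUsers": ["All"], "excludeRoles": ["62e90394-69f5-4237-9190-012177145e10"]}},
  "grantControls": {"builtInControls": ["block"]}},
 {"displayName": "Block everyone", "state": "enabled",
  "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": ["00000000-0000-0000-0000-0000000000bb"]}},
  "grantControls": {"builtInControls": ["block"]}},
 {"displayName": "Block medium risk (report-only)", "state": "enabledForReportingButNotEnforced",
  "conditions": {"signInRiskLevels": ["medium"], "users": {"includeUsers": ["All"]}},
  "grantControls": {"builtInControls": ["block"]}}
]""")


def lockout_findings(policies, break_glass_ids=(BREAK_GLASS,)):
    """Return (displayName, reason) for enforced block policies that cover all users
    without excluding Global Administrators or a known emergency-access account.
    Other conditions (apps, locations) are ignored, so a finding means "review this"."""
    findings = []
    for policy in policies:
        if policy.get("state") != "enabled":
            continue  # disabled and report-only policies do not block sign-ins
        if "block" not in (policy.get("grantControls") or {}).get("builtInControls", []):
            continue
        cond = policy.get("conditions") or {}
        users = cond.get("users") or {}
        if "All" not in users.get("includeUsers", []):
            continue
        excluded = set(users.get("excludeUsers", [])) | set(users.get("excludeGroups", []))
        if GLOBAL_ADMIN_ROLE in users.get("excludeRoles", []) or excluded & set(break_glass_ids):
            continue
        risk_scoped = cond.get("userRiskLevels") or cond.get("signInRiskLevels")
        reason = ("blocks admins whenever their risk reaches the policy level" if risk_scoped
                  else "blocks every sign-in, including admins")
        findings.append((policy["displayName"], reason))
    return findings
```

Calling `lockout_findings(SAMPLE_POLICIES)` flags the two enforced policies that have no admin exclusion and skips the report-only policy and the one that excludes the Global Administrator role.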
For further testing and experimentation, see Simulating risk events.
Explore additional identity features and capabilities in your test environment.