Azure Active Directory is a cloud service that provides Identity as a Service (IDaaS), authentication, authorization, and identity management functions for the company's cloud and enterprise systems.

Entra ID is based on flexible access control capabilities that help ensure security and reduce operating costs.
Entra ID can empower today's productive workforce.
Entra ID upgrades access management and secure identity. The global presence of Microsoft and extensive consumer experience are combined with powerful user behavioral analysis and advanced machine learning technologies to create the Microsoft Security Intelligent Graph, which means Entra ID stops credential compromise before it begins. The goal of this service is to help your organization continue the digital transformation process and migrate identity management from on-premises AD to cloud-based Entra ID, avoiding the problems that appear during the migration process.
It will allow you to increase the security and management of your users and IT assets while lowering support and operating costs.

IT Partner responsibilities #

1. Perform a gap analysis of an existing on-premises AD environment and determine the necessity of additional Microsoft 365/Azure licenses
2. Prepare the existing On-Prem Active Directory and Entra ID for the migration
3. Configure Entra ID policy
4. Plan the transition from using GPO to Intune. (Not all GPO capabilities are currently supported by Intune. A review of computer management practices and additional work may be required.)
5. Configure user profiles and devices
6. Perform a pilot migration from on-premises AD to Entra ID for a small group of users. Gather feedback and do required troubleshooting. Prepare documentation for users, as needed.
7. Migrate all the users from on-premises AD to Entra ID
8. Assist with reconfiguring end-user devices
9. On-Prem domain controller demotion
10. Prepare a detailed report of all support activities and time spent
11. Project closure and acceptance

Client responsibilities #

1. Coordinate Client resources and staff schedules
2. Provide a dedicated point of contact responsible for working with IT Partner
3. Coordinate any outside vendor resources and schedules
4. Configure all network equipment, such as load balancers, routers, firewalls, and switches
5. Review and approve engagement deliverables in a timely manner
6. Request and approve all change management tickets (if applicable) in the Client environment
7. Make sure all users have proper licenses assigned in Microsoft 365 tenant
8. Provide access to physical and virtual servers, as needed
9. Provide necessary remote and/or physical access to facility and systems needed in order to complete the work
10. Provide virtual or physical servers necessary to achieve the project goals
11. Perform changes to internal and external DNS as required
12. All the necessary Microsoft 365 and/or Azure subscriptions must be purchased before user migration can be started
13. Resolution of basic tickets, which may be resolved by following end-user adoption instructions provided by Microsoft

Additional cost items not provided by this project #

1. Support for any workstations with OS other than Microsoft Windows
2. Windows 7/8.1 devices must be upgraded to Windows 10
3. Firmware or operating system installation on servers, desktops, network hardware, or mobile devices
4. Support for third-party business applications
5. Training of end-user teams
6. Additional purchase of items not specifically mentioned in scope of work (SOW)
7. When connected to Entra ID, a new user profile will be created on the PC. Data transfer from current user profiles -- My Documents, Desktop, Favorites, etc. to OneDrive for Business or SharePoint Online. (Optional add-on to this project, if desired.)

Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status, including evidence of matching acceptance criteria, outstanding issues, if any, and the final budget. If you require more extensive documentation, it can be provided for an additional fee.
Downtime status: users need to restart their PCs and log on to the newly created accounts. Profile settings and documents are not migrated.

Prerequisites #

1. Azure subscription
2. Microsoft 365 Business subscription
3. Microsoft Windows 10 Pro at all workstations
4. Your organization does not use On-Prem file storage, such as Windows Server, NAS, or others. These documents must be transferred to Sharepoint Online.
5. Check all business applications; they should not use Active Directory authentication
6. If your organization uses On-Prem Microsoft Exchange, it must be transferred to Microsoft Exchange Online

Plan #

The plan may vary depending on your needs.

1. Kickoff meeting
2. Analysis of the existing infrastructure
3. Preparation of the architecture and migration plan
4. Entra ID setup
5. Test migration
6. Feedback gathering and required troubleshooting
7. Migration of all users
8. Verification and fixing of issues
9. On-Prem domain controller demotion

Success Criteria #

1. A gap analysis of an existing on-prem AD environment and Entra ID has been performed
2. The necessity of additional Microsoft 365/Azure licenses has been determined and licenses purchased (license cost is not included in this SOW cost)
3. The existing Entra ID has been prepared for the migration
4. Pilot migration from on-premises AD to Entra ID has been performed for a small group of users. The feedback gathering and required troubleshooting has been performed.
5. Documentation for end-users has been prepared, as needed
6. All users are migrated from on-premises AD to Entra ID
7. Users can log on to workstations with their authentication data and work with corporate resources
8. Assistance with reconfiguring the end-user devices has been provided