Azure Active Directory is a cloud service that provides Identity as a Service (IDaaS), authentication, authorization, and identity management functions for the company's cloud and enterprise systems.
Entra ID is based on flexible access control capabilities that help
ensure security and reduce operating costs.
Entra ID can empower today's productive workforce.
Entra ID upgrades access management and secure identity. The global
presence of Microsoft and extensive consumer experience are combined
with powerful user behavioral analysis and advanced machine learning
technologies to create the Microsoft Security Intelligent Graph, which
means Entra ID stops credential compromise before it begins. The goal of
this service is to help your organization continue the digital
transformation process and migrate identity management from on-premises AD
to cloud-based Entra ID, avoiding the problems that appear during the
migration process.
It will allow you to increase the security and management of your users
and IT assets while lowering support and operating costs.
IT Partner responsibilities #
- Perform a gap analysis of an existing on-premises AD environment and determine the necessity of additional Microsoft 365/Azure licenses
- Prepare the existing On-Prem Active Directory and Entra ID for the migration
- Configure Entra ID policy
- Plan the transition from using GPO to Intune. (Not all GPO capabilities are currently supported by Intune. A review of computer management practices and additional work may be required.)
- Configure user profiles and devices
- Perform a pilot migration from on-premises AD to Entra ID for a small group of users. Gather feedback and do required troubleshooting. Prepare documentation for users, as needed.
- Migrate all the users from on-premises AD to Entra ID
- Assist with reconfiguring end-user devices
- On-Prem domain controller demotion
- Prepare a detailed report of all support activities and time spent
- Project closure and acceptance
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner
- Coordinate any outside vendor resources and schedules
- Configure all network equipment, such as load balancers, routers, firewalls, and switches
- Review and approve engagement deliverables in a timely manner
- Request and approve all change management tickets (if applicable) in the Client environment
- Make sure all users have proper licenses assigned in Microsoft 365 tenant
- Provide access to physical and virtual servers, as needed
- Provide necessary remote and/or physical access to facility and systems needed in order to complete the work
- Provide virtual or physical servers necessary to achieve the project goals
- Perform changes to internal and external DNS as required
- All the necessary Microsoft 365 and/or Azure subscriptions must be purchased before user migration can be started
- Resolution of basic tickets, which may be resolved by following end-user adoption instructions provided by Microsoft
Additional cost items not provided by this project #
- Support for any workstations with OS other than Microsoft Windows
- Windows 7/8.1 devices must be upgraded to Windows 10
- Firmware or operating system installation on servers, desktops, network hardware, or mobile devices
- Support for third-party business applications
- Training of end-user teams
- Additional purchase of items not specifically mentioned in scope of work (SOW)
- When connected to Entra ID, a new user profile will be created on the PC. Data transfer from current user profiles -- My Documents, Desktop, Favorites, etc. to OneDrive for Business or SharePoint Online. (Optional add-on to this project, if desired.)
Upon completion of the project, we will provide a project closeout
report. This document will indicate the final project status, including
evidence of matching acceptance criteria, outstanding issues, if any, and the
final budget. If you require more extensive documentation, it can be
provided for an additional fee.
Downtime status: users need to restart their PCs and log on to the newly
created accounts. Profile settings and documents are not migrated.
Prerequisites #
- Azure subscription
- Microsoft 365 Business subscription
- Microsoft Windows 10 Pro at all workstations
- Your organization does not use On-Prem file storage, such as Windows Server, NAS, or others. These documents must be transferred to Sharepoint Online.
- Check all business applications; they should not use Active Directory authentication
- If your organization uses On-Prem Microsoft Exchange, it must be transferred to Microsoft Exchange Online
Plan #
The plan may vary depending on your needs.
- Kickoff meeting
- Analysis of the existing infrastructure
- Preparation of the architecture and migration plan
- Entra ID setup
- Test migration
- Feedback gathering and required troubleshooting
- Migration of all users
- Verification and fixing of issues
- On-Prem domain controller demotion
Success Criteria #
- A gap analysis of an existing on-prem AD environment and Entra ID has been performed
- The necessity of additional Microsoft 365/Azure licenses has been determined and licenses purchased (license cost is not included in this SOW cost)
- The existing Entra ID has been prepared for the migration
- Pilot migration from on-premises AD to Entra ID has been performed for a small group of users. The feedback gathering and required troubleshooting has been performed.
- Documentation for end-users has been prepared, as needed
- All users are migrated from on-premises AD to Entra ID
- Users can log on to workstations with their authentication data and work with corporate resources
- Assistance with reconfiguring the end-user devices has been provided
Share
Related services
Securing and Hardening of your Microsoft 365 Environment
Our certified engineers will analyze how well you are leveraging existing and optional security controls and settings of your Microsoft 365 environment and develop a prioritized plan according to Microsoft best-practices to increase security and reduce risks.
New Employee Onboarding with Approvals and Notifications
Setting up the automated onboarding process for new employees in your organization with approvals and email notifications.