Azure Active Directory

Last updated: January 30, 2023
Audience: All UW

Azure AD provides a variety of cloud-based capabilities including application management, authentication, credential management, device management, information security, and is the integration point for a variety of cloud-based and hybrid solutions. If you are familiar with Active Directory, Azure AD is the cloud-based, infrastructure-as-a-service (IaaS) version, providing many of the same kinds of capabilities, but with the benefits of a cloud-based solution.

A document which explains a broad set of common terminology associated with Azure Active Directory may help you navigate.

UW Azure AD tenant

Use of some Azure services depends on having an Azure Active Directory tenant. The UW has guidance on when a new Azure AD Tenant should be created and when the existing enterprise Azure AD tenant should be leveraged. If in doubt, contact help@uw.edu for assistance.

The UW has one primary Azure AD tenant with a variety of domain names associated with it, including: uwnetid.onmicrosoft.com, cloud.washington.edu, uw.edu, u.washington.edu, and washington.edu. The most commonly used domain in this tenant is uw.edu, with many UW NetIDs automatically provisioned for use. Review the complete list of domains in this tenant. Other UW Azure AD tenants exist and all are managed by UW-IT.

The netid.washington.edu (NETID) Active Directory (AD) has a special association with our primary Azure AD tenant–objects in the NETID AD are synchronized to our Azure AD.

Service Options

There are many service options that Azure Active Directory provides. A full list of what Azure AD capabilities UW supports and the level of support is detailed in the Azure AD Capability Lifecycle and Support document.

Here are some notable capabilities supported:

  • Azure AD Security Token Service. Features UW NetID integration via federated authentication. See Azure AD Authentication.
  • Azure AD External Users. Features ability to collaborate with non-UW identities. See Azure AD Authentication, External Users.
  • Azure AD Device Join. See Azure AD Devices.
  • Conditional Access. On a per application basis, restrict who can get a logon token for that application with a set of criteria that must be met. May require additional purchase. See Azure AD Authentication, Conditional Access and Per-application 2FA with Azure AD.
  • Application integration. Allows you to leverage Azure AD STS features with your own application or a 3rd party application which is pre-integrated. SaaS integration and cross-application functionality are powerful features. See Azure AD Applications.
  • Duo 2FA via Conditional Access. See Azure AD 2FA.
  • Azure Information Protection. Features encryption and protection capabilities leveraging cloud-issued, short-lived access keys with support across a broad set of client platforms. May require additional purchase. See Azure Information Protection.

Solutions

  • Update your name in Azure AD applications like Office 365
    • If you need to update the name for a personal UW NetID: Go to https://identity.uw.edu/ and update your preferred name.
    • If you need to update the name for any other type of UW NetID: You should be able to use https://uwnetid.washington.edu/manage/ to update the Name associated with a variety of other types of UW NetIDs. If you can’t find a way to update the Name of the desired UW NetID in that tool, send a request to help@uw.edu.