IT Connect
Your connection to information technology at the UW

Azure Active Directory

Azure AD provides a variety of cloud-based capabilities, including application management, authentication, credential management, device management, and information security, and is the integration point for a variety of cloud-based and hybrid solutions. If you are familiar with Active Directory, Azure AD is the cloud-based, infrastructure-as-a-service (IaaS) version, providing many of the same kinds of capabilities, but with the benefits of a cloud-based solution.

A document which explains a broad set of common terminology associated with Azure Active Directory may help you navigate.

UW Azure AD tenant

Use of some Azure services depends on having an Azure Active Directory tenant. The UW has guidance on when a new Azure AD Tenant should be created and when the existing enterprise Azure AD tenant should be leveraged. If in doubt, contact help@uw.edu for assistance.

The UW has one primary Azure AD tenant with a variety of domain names associated with it, including: uwnetid.onmicrosoft.com, cloud.washington.edu, uw.edu, u.washington.edu, and washington.edu. The primary domain used in this tenant is uw.edu, with many UW NetIDs automatically provisioned for use. Other UW Azure AD tenants exist and all are managed by UW-IT.

The netid.washington.edu (NETID) Active Directory (AD) has a special association with our primary Azure AD tenant: objects in the NETID AD are synchronized to our Azure AD.

Service Options

Azure Active Directory provides many service options. The Azure AD Capability Lifecycle and Support document lists the Azure AD capabilities the UW supports and the level of support for each.

Here are some notable capabilities supported:

  • Azure AD Security Token Service. Features UW NetID integration via federated authentication. See Azure AD Authentication.
  • Azure AD External Users. Features the ability to collaborate with non-UW identities. See Azure AD Authentication, External Users.
  • Azure AD Device Join. See Azure AD Devices.
  • Cloud to On-premises Token Translation (Azure AD Application Proxy). Features the ability to leverage the AAD STS authentication features for on-premises applications.
  • Conditional Access. On a per-application basis, restricts who can get a logon token for that application by requiring that a set of criteria be met. May require additional purchase. See Azure AD Authentication, Conditional Access and Per-application 2FA with Azure AD.
  • Application integration. Allows you to leverage Azure AD STS features with your own application or a third-party application that is pre-integrated. SaaS integration and cross-application functionality are powerful features. See Azure AD Applications.
  • Duo 2FA via Conditional Access. See Azure AD 2FA.
  • Azure Information Protection. Features encryption and protection capabilities leveraging cloud-issued, short-lived access keys with support across a broad set of client platforms. May require additional purchase. See Azure Information Protection.

Solutions

  • Update your name in Azure AD applications like Office 365
    • If you need to update the name for a personal UW NetID: Go to https://identity.uw.edu/ and update your preferred name.
    • If you need to update the name for any other type of UW NetID: You should be able to use https://uwnetid.washington.edu/manage/ to update the Name associated with a variety of other types of UW NetIDs. If you can’t find a way to update the Name of the desired UW NetID in that tool, send a request to help@uw.edu.
Last reviewed August 19, 2020