IT Connect
Information technology tools and resources at the UW

Azure AD Capability Lifecycle and Support

The UW Azure Active Directory provides a large number of capabilities across many areas. This page lists those capabilities, the lifecycle stage each is in, and our support for them.

The UW Enterprise Architecture (EA) program promotes using specific terms to communicate technology lifecycle status, and we attempt to use their terminology. You may want to consult the UW EA documentation on the intended meaning of these terms.

Lifecycle Support

The following chart explains what the lifecycle terms listed for each Azure AD capability mean.

| | Not Available | Emerging | Baseline | Containment | Retired |
|---|---|---|---|---|---|
| Possible for customers | No | Maybe | Yes | Restricted | No |
| MI support available | No | No | Yes | Limited | No |
| MI consulting available | No | Yes | Yes | Yes | No |
| Requires special licensing | N/A | Maybe | No | Maybe | N/A |

Authentication and Credential Management Capabilities

| Capability | Component | Support Lifecycle |
|---|---|---|
| Authentication | AAD Security Token Service | Baseline |
| AAD UW NetID & authentication integration | ADFS, Weblogin, NETID domain | Baseline |
| Web app identity (social, id registration, or UW NetID) | AAD B2C | Emerging |
| Multi-factor authentication | Azure MFA | Not available, may emerge later |
| MFA: Windows Hello for Business (AAD-join-based) | AAD Device Registration Service | Not available, may emerge later |
| AAD Self Service Password Reset (SSPR) | AAD Access Portal | Not available |
| Cloud to on-prem token translation | AAD App Proxy | Emerging |
| Per-app logon token issuance based on conditions | AAD Conditional Access | Emerging |

Collaboration and Application Management Capabilities

| Capability | Component | Support Lifecycle |
|---|---|---|
| AAD Groups (integrated) | AAD Groups, AAD Connect, UW Groups Service | Baseline |
| AAD Office groups | AAD Groups, Office 365, Azure/Office portals | Baseline (MSCA support) |
| AAD Member private groups | N/A | Not available |
| AAD Group integration for external users | N/A | Not available |
| AAD Groups integration for Office groups | N/A | Not available |
| AAD Self Service/Delegated Group Management | Azure Portal, AAD Access Portal, Group owner | Not available; Baseline for Office groups |
| AAD Dynamic and Dedicated Groups | Azure Portal | Emerging |
| Self-service app identity and permission creation | AAD Apps, AAD Service Principals, AAD OAuth server | Baseline |
| User consent to app access | AAD OAuth server | Baseline |

Device Management Capabilities

| Capability | Component | Support Lifecycle |
|---|---|---|
| AAD Device Join | AAD Device Registration Service | Emerging |
| AAD Workplace Join | AAD Device Registration Service | Baseline |
| AAD MDM (Intune) | AAD Device Registration Service, MDM provider | Not available, may emerge later |

Information Security Capabilities

| Capability | Component | Support Lifecycle |
|---|---|---|
| Azure Info Protection (RMS) | Azure RMS, Azure RMS Connector | Baseline |
| AAD RBAC, Roles, & Admin Units (AUs) | AAD Role templates, AAD Roles, AAD AUs | Baseline (no AUs yet) |
| AAD Privileged Identity Management | AAD PIM | Emerging |
| Audit information | AAD Graph | Emerging |
| Audit reporting | AAD Graph, UW-IT AAD monitor | Baseline: CISO & UW Medicine Security |
| AAD Threat Analytics | AAD Threat Analytics | Emerging |

Enable Cloud Capabilities

| Capability | Component | Support Lifecycle |
|---|---|---|
| Directory information | AAD Graph API | Baseline |
| AAD Directory integration | AAD Connect, AAD Graph, AAD PS interface | Baseline |
| External Users | AAD B2B | Emerging |
| Discover what SaaS apps are being used | AAD Cloud App Discovery | Not available, may emerge later |
| Non-modern cloud-based app integration | Azure AD Domain Services | Not available, may emerge later |
| AAD user based licensing | AAD Graph API, Azure Portal, AAD PS interface | Emerging (baseline expected during FY19) |
| AAD Group-based license assignment | AAD Group-based licensing | Baseline |