Converse agora com nosso suporte
Chat com o suporte

On Demand Global Settings Current - User Guide

Working with On Demand Overview of On Demand Signing up for On Demand Managing organizations and regions Adding users to an organization Managing your Azure tenants and on-premises domains On Demand Home page Settings Documentation roadmap Technical Support

Joining an existing On Demand organization with an Azure AD account

You can use your Azure AD account to join an existing On Demand organization. Using your Azure AD account is referred to as federated identity management.

Federated identity management can increase security and lower risk by enabling an organization to identify and authenticate a user once, and then use that identity information across multiple systems, including external partner websites such as On Demand.

At the bottom of the page, click Sign in with Microsoft.


Managing your Azure tenants and on-premises domains

A tenant is a dedicated instance of Azure Active Directory that your Microsoft organization receives and owns when it signs up for a Microsoft cloud service such as Azure or Microsoft 365. For more information, see this Microsoft help page.

This section contains information about the following activities involved in setting up your On Demand environment to manage your Azure tenants and on-premises domains:

Tenants overview

The Tenants page provides an overview of all your tenants. It shows the number of users, consent status, and provides access to admin consent for the different On Demand modules.

On the Tenants page, each tenant tile lists the number of users in the tenant. The user count is divided into Cloud only and Hybrid users. Hybrid users are Microsoft identities that can access both on-premises and cloud-based resources.

A tenant houses the users in a company and the information about them. You must add a Microsoft 365 tenant to manage the tenant properties using an On Demand module.

Applications used to manage Azure AD tenant properties must participate in the consent flow provided by Azure AD. This means an Azure Global Administrator must provide admin consent when adding a tenant to On Demand. Admin consent is granted on behalf of the Microsoft Azure organization.

In addition to the standard Azure AD tenant, you can also add an Azure AD B2C tenant. On the Tenant page, Azure AD B2C tenants can be distinguished by the following icon next to the tenant name:

For more information on B2C tenants, see this Microsoft help page.

Adding tenants

When you add a tenant, you must have Global Administrator credentials in Microsoft Azure since part of the process of adding a tenant is done in the Microsoft Azure portal.

The Azure Global Administrator role is the top level administrator role and has access to all features. By default, the person who signs up for an Azure subscription is assigned the Global Administrator role for the tenant. Additional users can be assigned to the Global administrator role.

If you are in the U.S. region, once you select Tenants and click Add Tenant, you must select the type of tenant you are adding, whether commercial, GCC, or GCC High. When you click Add Commercial or GCC Tenant (or Add GCC High Tenant) you are redirected to the Microsoft tenant administration login page where you must log in with the Global Administrator credentials for the tenant.

If you are in any other region, you select Add Tenant and are immediately redirected to the Microsoft tenant administration login page where you must log in with the Global Administrator credentials for the tenant. After successful authentication, the Consent Grant dialog is displayed. You must confirm the consent grant.

GCC or a GCC High tenants are available only for deployments in the U.S. region. Currently, only the On Demand Migration module supports GCC and GCC High tenants.

Microsoft 365 GCC tenants are typically used by US public sector organizations and the contractor organizations that service them.GCC High tenants provide Microsoft 365 services that adhere to additional US Department of Defense security requirements. Customer eligibility to GCC High tenants is restricted.

Admin consent is required to add a tenant to On Demand. Since only an Azure Global Administrator can grant admin consent, you must be able to provide Azure Global administrator credentials for the tenant you are adding.

Click Add Tenant.
Click Add Commercial or GCC Tenant
Click Add GCC High Tenant
Click Accept.
If you need to have additional permissions for a module, click Grant Consent. You are redirected to the Microsoft login page.
Click Accept.
If you click Edit Consents on a GCC or GCC High tenant tile, in addition to the domain name and the tenant ID, you will also see the country code for the tenant.

At a later date, if you change the display name of the tenant or the default domain name in Microsoft Azure Active Directory, you can refresh the tenant in On Demand to immediately update the name. When you refresh the tenant, On Demand rereads the tenant information from your Azure Active Directory tenant to synchronize with the On Demand stored data.

To refresh the tenant, display the Tenants page and click the refresh icon that displays beside the tenant name on the tenant tile.

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação