Azure PPE Lab Guide (Print Out)

Microsoft Partner Practice Enablement Boot Camp Lab Guide

Contents Lab 1: Create a Virtual Machine in Microsoft Microsoft Azure.......................................... Azure.................................................... .......... 5 Overview............................ Overview................................................ ....................................... ....................................... .................................. ............................ ................ 5 Objectives......................... Objectives............................................ ....................................... .......................................................... ............................................... ......... 5 Syste re!uireents............. re!uireents................................ ....................................... ............................................................. ........................................... 5 "#ercise "#ercise 1: Create a Virtual Machine usin$ the Mana$eent %ortal........................5 &as' &as' 1 ( Lo$in................ Lo$in.................................... ........................................ ....................................... ............................................... ............................ 5 &as' &as' ) ( Create Create a stora$e account account to contain contain V*+s for the virtual achines......., achines......., &as' &as' - ( Show the the /0C C2"A&" C2"A&" virtual achine achine creation creation o3tion..................... o3tion............... .......4 .4 &as' &as'  ( Create Create a virtual achine achine with the the 6ALL"27 6ALL"27 virtual achine achine creation creation o3tion............................ o3tion................................................ ....................................... ....................................... ................................................ ............................ 8 Lab 1: Suary............................. Suary................................................. ........................................ ................................................... ............................... 11 Lab ): Connectin$ Virtual Machines............................. Machines........................................................... ........................................... ............. 11 Overview............................ Overview................................................ ....................................... ................................................................ ............................................... .. 11 Objectives......................... Objectives............................................ ....................................... ....................................................... ............................................. .......... 11 Syste re!uireents............. re!uireents................................ ....................................... .......................................................... ........................................ .. 11 "#ercise "#ercise 1: Create a virtual achine in an e#istin$ clou9 service.........................11 &as' &as' 1 ( Create Create an Availability Availability set for *i$h availability................. availability............................... ..................... .......11 11 "#ercise "#ercise ): Create a virtual achine in an e#istin$ clou9 service.........................1 &as' &as' 1 ( Create Create virtual achine achine usin$ the the 2OM 6ALL"27 6ALL"27 O%&0O;....................1"#ercise "#ercise -: &est networ' connectivity with %in$................................................ %in$.................................................... ....15 15 &as' &as' 1 ( "nable "nable 0CM% on 9eov) to vali9ate connectivity connectivity...............................15 ...............................15 Lab ): Suary............................. Suary................................................. ........................................ ................................................... ............................... 14 Lab -: Con<$urin$ the Azure Loa9 =alancer................................................ =alancer............................................................. .............14 14 Overview............................ Overview................................................ ........................................ ....................................... ................................. ........................ .......... 14 Objectives......................... Objectives............................................ ....................................... ....................................................... ............................................. .......... 14 Syste re!uireents............. re!uireents................................ ....................................... .......................................................... ........................................ .. 14 "#ercise "#ercise 1: Con<$ure Con<$ure >eb Servers................................. Servers..................................................... ....................................... ................... 18 &as' &as' 1 ( 0nstall 0nstall an9 Con<$ure Con<$ure 00S....................................... 00S........................................................................ ................................. 18 "#ercise "#ercise ): Con<$urin$ the Loa9 =alancer................................ =alancer......................................................... ........................... ..)? )? &as' &as' 1@ Creatin$ Creatin$ a Loa9 =alance9 =alance9 Set............................ Set................................................. ................................... ................ )?

"#ercise "#ercise -: Verify Loa9 =alancin$ ............................................... ......................................................................... .......................... ) &as' &as' 1@ Verify Verify Loa9 =alancin$.......................... =alancin$.............................................. ................................................... ............................... ) &as' &as' )@ View >eb Lo$s to See the Loa9 =alancer =alancer *&&% *&&% %robes......... %robes....................... .................)5 ...)5 Lab -: Suary............................. Suary................................................. ........................................ ................................................... ............................... )4 Lab : Con<$urin$ Access Control Control Lists................................................. Lists.................................................................... ................... )8 "#ercise "#ercise 1: Secure 2eote 2eote +es'to3 Access Only to the Local ;etwor'.. ;etwor'....... .......... .........)8 ....)8 &as' &as' 1( Save the .2+%
&as' &as' ) ( Create Create a new Active Active +irectory.................. +irectory..................................................... ............................................ .........  &as' &as' - @ Associate Associate the Active +irectory +irectory with your Azure Azure subscri3tion............. subscri3tion....................."#ercise "#ercise ): A99 /sers to Active +irectory................................ +irectory.................................................... .............................. .......... &as' &as' 1 ( A99 a 6lobal A9inistrator A9inistrator to the Active Active +irectory......... +irectory....................... ..................... .......  &as' &as' ) ( A99 a /ser to the the Active +irectory.................. +irectory...................................... ...................................... ..................4 4 &as' &as' - ( A99 a Co@A9inistrator Co@A9inistrator for the Microsoft Microsoft Azure Azure Subscri3tion... Subscri3tion......... ......... ...... ...8 8 "#ercise "#ercise -: Create a Security 6rou3 an9 a99 /sers /sers to the 6rou3.................... 6rou3............ ............. .....  &as' &as' 1 ( Si$n@in Si$n@in to the Azure Azure Mana$eent %ortal %ortal as the the 6lobal A9inistrator. A9inistrator. . &as' &as' ) ( Create Create a Security 6rou3............................ 6rou3................................................ ....................................... ........................ ..... 5? &as' &as' - ( A99 a /ser to the the Security 6rou3................. 6rou3...................................... ................................... ................... .....51 51 "#ercise "#ercise : Si$n@in to the Azure Mana$eent %ortal %ortal as a /ser........................ /ser.......... ...................5) .....5) Lab ,: Suary............................. Suary................................................. ........................................ ................................................... ............................... 5 Lab 4: A33lication Access....................... Access........................................... ....................................... ............................................. ............................ 5 Overview............................ Overview................................................ ........................................ ....................................... ................................. ........................ .......... 5 Objectives......................... Objectives............................................ ....................................... ....................................................... ............................................. .......... 55 %rere!uisites..... %rere!uisites......................... ....................................... ....................................... ........................................ .......................................... ......................55 55 "#ercise 1: A99 a SaaS A33lication fro the Azure A33lication 6allery to your Azure Active +irectory.................... +irectory....................................... ....................................... ........................................ ................................ ............ 55 &as' &as' 1 ( A99 the Microsoft Microsoft One+rive One+rive A33lication....................... A33lication........................................... .........................55 .....55 &as' &as' ) ( Assi$n Assi$n user access access to the Microsoft Microsoft One+rive One+rive a33lication............. a33lication....................54 .......54 &as' &as' - ( /se the the Access %anel to see an9 launch launch Microsoft Microsoft One+rive....... One+rive................ .........58 58 Lab 4: Suary............................. Suary................................................. ........................................ ................................................... ............................... ,1 Lab 8: Multi@actor Multi@actor Authentication..................... Authentication......................................... ........................................ ................................... ............... ,) Overview............................ Overview................................................ ....................................... ................................................................ ............................................... .. ,) Objectives......................... Objectives............................................ ....................................... ....................................................... ............................................. .......... ,) %rere!uisites..... %rere!uisites......................... ....................................... ....................................... ........................................ .......................................... ......................,) ,) "#ercise "#ercise 1: Create a Multi@actor Multi@actor Authentication %rovi9er.................................... %rovi9er.....................................,) .,) &as' &as' 1 ( Si$n@in Si$n@in to Azure Azure Mana$eent %ortal................ %ortal.................................... ..................................... .................,) ,) &as' &as' ) ( Create Create a Multi@actor Multi@actor Authentication Authentication %rovi9er............... %rovi9er.......................................,........................,"#ercise "#ercise ): Man$e Multi@actor Multi@actor Authentication for a /ser in the Active +irectory. , &as' &as' 1 ( "nable "nable Multi@actor Multi@actor Authentication Authentication for /ser........................ /ser.........................................., .................., &as' &as' ) ( Setu3 A99itional A99itional Security Security Veri
Lab 8: Suary......................... Suar y............................................. ........................................ ...................................................... .................................. 4) Lab : >ebsites with a SL =ac'en9........................ =ac'en9............................................ ................................................ ............................ 4) Overview............................ Overview................................................ ....................................... ................................................................ ............................................... .. 4) Objectives......................... Objectives............................................ ....................................... ....................................................... ............................................. .......... 4) Syste re!uireents............. re!uireents................................ ....................................... .......................................................... ........................................ .. 4"#ercise "#ercise 1: Con<$ure Con<$ure the +atabase............................... +atabase................................................... ....................................... ....................... .... 4 &as' &as' 1 ( Create Create a SL Server Virtual Machine................. Machine.................................................... ................................... 4 &as' &as' ) ( Create Create Orchar9 Orchar9 +atabase............................ +atabase...................................................... ........................................ ................ 48 "#ercise ): Create a Microsoft Azure >ebsite usin$ Orchar9 CMS.........................8) &as' &as' 1 ( Create Create the Orchar9 Orchar9 >ebsite............... >ebsite................................... ....................................... ............................... ............ 8) Lab : Suary......................... Suar y............................................. ........................................ ...................................................... .................................. 85

Lab 1: Create a Virtual Machine in Microsoft Azure Oerie! 0n this lab you will learn how to use the Microsoft Azure Mana$eent %ortal o3tions for creatin$ a virtual achine.

Ob"ecties &his lab will will show how to: Lo$in to the Mana$eent %ortal Create a Virtual Machine

#$stem re%uirements 7ou 7ou ust have the the followin$ to co3lete this 9eo: A reliable 0nternet connection An active Microsoft Azure subscri3tion

"stiate9 tie to co3lete this 9eo: 1& Minutes

E'ercise 1: Create a Virtual Machine usin( the Mana(ement Portal &as' & as' 1 ( Lo$in 1.

Lau Launch nch a browser wser an9 an9 na navi$ vi$ate ate to to htt3s:EEana$e.win9owsazure.co htt3s:EEana$e.win9owsazure.co.. Once 3ro3te9 lo$in with your Microsoft Azure cre9entials.

)ote: 7ou ay nee9 to launch an Fin@3rivateF session in your browser if you have ulti3le Microsoft Accounts.

).

After After you enter enter your your eailG eailG select select whethe whetherr this this is a Micr Microso osoft ft or Or$anization account.

-. ro there there you will be 9irecte9 9irecte9 to the the correct correct 3rovi9er 3rovi9er to lo$in with with your 3asswor9.

&as' & as' ) ( Create a stora$e account account to contain V*+s for the virtual achines. achines. 1. Clic Clic' ' on on the the *)E+ lin' at the botto@left corner corner of the screen.

). Select ,A-A #E.V/CE# 0 #-O.AGE 0 23/C4 C.EA-E

-. S3ecify S3ecify the the stora$e stora$e account account 3ro3er 3ro3erties ties.. a. A u uni ni!u !ue e na nae e 5Should be all lowercase 6 for the stora$e account 3.L b. &he Micro Microso soft ft Azur Azure e Location to create the stora$e account in. c. Select Locall$ .edundant for 2e3lication
. %ress %ress the the chec' chec'ar ar' ' ne#t ne#t to C.EA-E #-O.AGE ACCO3)- to 3rovision the stora$e account.

5. Before proceedin( wait for the stora$e account creation to co3lete. B as seen below D

&as' & as' - ( Show the /0C C2"A&" C2"A&" virtual achine creation creation o3tion. 1

Clic' Clic' the ;"> ;"> button button at the the botto botto left left of of the ana$ ana$eent eent 3ortal. 3ortal.

)

Clic' COMP3-E7 V/.-3AL MAC8/)E an9 then 23/C4 C.EA-E to

-

2eview 2eview the the o3tions o3tions on the the screen screen for >in9o >in9ows ws Server Server or Linu# Linu# base9 base9 virtual achine in this view but do not actuall$ create the irtual machine. a

,)# )AME: /ni!ue host nae. &his value is also the nae of the clou9 service container container for the virtual virtual achine. &he virtual achine achine create9 here will also be nae9 the sae as the clou9 service.

b

3#E. )AME: local a9inistrator account nae Bcannot be a9inistratorD

c

.EG/O)9A/)/-; G.O3P: the 9ata center location to create the virtual achine in.

&as'  ( Create a virtual &as' virtual achine with the 6ALL"27 6ALL"27 virtual achine creation creation o3tion. 1

Clic' Clic' the ;"> ;"> button button at the the botto botto left left of of the ana$ ana$eent eent 3ortal. 3ortal.

)

Clic' COMP3-E7 V/.-3AL MAC8/)E an9 then .OM GALLE.;

*i$hli$ht the virtual achine $allery o3tion available. Select >in9ows >in9ows Server )?1) 2) +atacenter an9 clic' the Hne#t arrowH button at the botto ri$ht.

-

"nter "nter the the con<$ura con<$uration tion for the virtual virtual achine. achine. a

V/.-3AL MAC8/)E )AME: &his is the co3uter nae: demom1. &his value ust be uni!ue within the sae clou9 service.

b

#/
c

)E+ 3#E. )AME: 9eouser

9

PA##+O.,: 9eoI3ass1



On the ne#t ne#t screenG screenG s3ecif s3ecify y a uni!ue uni!ue nae for for your your clou9 clou9 service. service. Select Select the sae Microsoft Azure re$ion that you create9 the stora$e account in in tas' two. or nowG 'ee3 availability set as none.

5

On the
Lab 1: #ummar$ 0n this lab you have learne9 how to 3rovision a Microsoft Azure Stora$e Account to act as the un9erlyin$ stora$e for Microsoft Azure Virtual Machines. 7ou have also wal'e9 throu$h both the /0C C2"A&" an9 6ALL"27 creation o3tions of the Microsoft Azure Mana$eent 3ortal an9 create9 a virtual achine with Microsoft Antialware enable9.

Lab =: Connectin( Virtual Machines Oerie! 0n this labG you will use the Microsoft Azure Mana$eent %ortal %ortal to create a secon9 virtual achine in the clou9 service create9 in the 3revious lab. 7ou will then 9eonstrate networ' connectivityG inclu9in$ nae resolution an9 enablin$ 0CM% for 3in$ vali9ation.

Ob"ecties &his 9eo will will show how to: Con<$ure Availability Sets Create a virtual achine in an e#istin$ clou9 service "nable 0CM% on the virtual achines
#$stem re%uirements 7ou 7ou ust have the the followin$ to co3lete this 9eo: A reliable 0nternet connection An active Microsoft Azure subscri3tion Co3lete9 Lab 1 ( Creatin C reatin$ $ a Virtual Machine

"stiate9 tie to co3lete this 9eo: =& Minutes

E'ercise 1: Create a irtual machine in an e'istin( cloud serice &as' & as' 1 ( Create an Availability Availability set for *i$h availability availability 1. O3en the con<$uration con<$uration for 9eov1 that was create9 in the 3revious 3revious lab by clic'in$ on the nae colun of the virtual achine list.

). Once Once o3en o3en clic' clic' on the CO)/G3.E tab.

-. 0n the settin$s settin$s sectionG sectionG Choose Choose Create an Aailabilit$ #et in the AVA0LA=0L0&7 S"& 9ro39own an9 s3ecify: ,emoAVset for the availability set nae.

. Clic Clic' ' on on the the #AVE button.

5. >hen 3ro3te9 3ro3te9 to restar restarte9 te9 clic' clic' ;E#.

,. >ait for the Availability Availability set to be create9 create9 before ovin$ ovin$ to the ne#t ne#t e#ercise. e#ercise.

E'ercise =: Create a irtual machine in an e'istin( cloud serice &as' & as' 1 ( Create virtual virtual achine usin$ the 2OM 6ALL"2 6ALL"27 7 O%&0O; . Clic' Clic' the ;"> button button at the botto botto left left of the ana$een ana$eentt 3ortal. 3ortal.

5. Clic' COMP3-E7 V/.-3AL MAC8/)E an9 then .OM GALLE.;>

,. *i$hli$h *i$hli$htt the virtual virtual achine achine $allery $allery o3tion availab available. le. Select Select +indo!s #erer =&1= .= ,atacenter an9 clic? the the ri$ht arrow button at the botto ri$ht corner.

4. "nter the con<$uration for the virtual virtual achine achine an9 clic' clic' the ne#t ne#t arrow arrow to continue. a

V/.-3AL MAC8/)E )AME: 9eov)

b

#/
c

)E+ 3#E. )AME: 9eouser

9

PA##+O.,: 9eoI3ass1

8. Select Select the 3reviou 3reviously sly create9 create9 clou9 clou9 service service fro fro the CLO3, #E.V/CE 9ro3 9own. Select the sae stora$e account an9 the availability set create9 in the
. Acce3t Acce3t the 9efaul 9efaults ts on the en93oin en93ointt con<$urat con<$uration ion 3a$e. 3a$e.

1?.Clic' the Chec'ar' at the botto of the screen to co3lete the virtual achine creation. &his will ta'e soe tie.

E'ercise @: -est net!or? connectiit$ !ith Pin( &as' & as' 1 ( "nable 0CM% on 9eov) to vali9ate connectivity. 1

Lo$ Lo$ into into the
11.Once 3ro3te9 lo$in with the cre9entials s3eci 1-.&y3e 1-.&y3e in pin( demom= . 7ou shoul9 resolve an 0% a99ressG but there will be no res3onse fro the server.

1.Lo$ into the secon9 virtual achine demom=7 by hi$hli$htin$ the virtual achine an9 clic'in$ the CO))EC- button. 15.Once 3ro3te9G lo$in with the cre9entials that you s3eci #ecurit$>

14.Clic' /nbound .ules 18.in9 the ile and Printer #harin( 5Echo .e%uest /CMP0/n6 ruleG ri$ht clic' on it an9 select Enable .ule .

1.Switch bac' to demom1 an9 in the sae coan9 3ro3t e#ecute pin( demom= a$ain. &his tie you shoul9 see a res3onse fro demom=>

Lab =: #ummar$ 0n this lab you learne9 how to 3rovision a secon9 virtual achine in an e#istin$ clou9 service an9 join it to an e#istin$ availability set. ro there you learne9 how to enable 0CM% connectivity Bwhich woul9 a33ly to any other 3rotocolD to allow connectivity between the two virtual achines.

Lab @: Con(urin( the Azure Load Balancer Oerie! 0n this labG you will install 00S an9 con<$ure loa9 balance9 *&&% en93oints en93oints on 9eov1 an9 9eov). 9eov ). 7ou will also learn how to use the 00S >eb >eb Lo$s to troubleshoot the Microsoft Azure *&&% Loa9 =alancer 3robe.

Ob"ecties &his 9eo will will show how to: Con<$ure loa9 balancin$ between ulti3le virtual achines. &estin$ &estin$ an9 troubleshoot troubleshoot the the loa9 balancin$ balancin$ 3robe 3robe usin$ web lo$s.

#$stem re%uirements 7ou 7ou ust have the the followin$ to co3lete this 9eo: A reliable 0nternet connection An active Microsoft Azure subscri3tion Co3lete9 the labs in Mo9ule 1.

"stiate9 tie to co3lete this 9eo: =D Minutes

E'ercise 1: Con(ure +eb #erers 0n this e#erciseG e#erciseG you will see how to con<$ure the 9efault iisstart.ht
&as' & as' 1 ( 0nstall an9 Con<$ure 00S 1. Sele Selec ct th the demom1 that you create9 earlier.

). Clic' Clic' on the the CO;;"C& CO;;"C& button button at the botto. botto.

-. 7ou will see a 3o3 u3 for the the 9ownloa9 of 2+%
. "nt "nter the credentials for the virtual achine +eov1 an9 clic' o? .

5. Once lo$$e9 in clic' the %owerShell %owerShell 0con 0con on the the tas' bar then e#ecute e#ecute the followin$ %owerShell coan9.

/nstall0+indo!seatu /nstall0+indo!seature re +eb0#erer 0/ncludeAll#ubeature F /ncludeMana(ement-ools ,. >hile >hile 00S is installi installin$ n$ re3eat re3eat ste3s ste3s 1@5 on demom=. 4. Once 00S is installe9 on on the servers servers navi$ate navi$ate to the
8. ;ow you you have have to e9it e9it the the 9efau 9efault lt iisstart>htm
. Once note3a note3a9 9 is o3enG o3enG a99 the the server server nae nae B demom1D followe9 by the
ta$G as shown in the below screenshot an9 save it. &his chan$e will allow you to see which server the re!uest is currently bein$ serve9 fro.

1?.2e3eat Ste3s 4@ on the demom= virtual achine as well. Ma'e sure you s3ecify demom= as the server nae in ste3 .

E'ercise =: Con(urin Con(urin( ( the Load Balancer Balancer &as' & as' 1@ Creatin$ a Loa9 =alance9 =alance9 Set 1. Clic Clic' ' on on the the demom1 virtual achine that was create9 earlier.

). Clic Clic' ' on on the the E),PO/)-# tab.

-. Clic' on on A,, button at the botto of the 3a$e.

. Select A,, A #-A),0ALO)E E),PO/)- an9 clic' the ne#t arrow.

5. 0n the the ne#t ne#t screen screen select select *&&% *&&% un9er un9er name
,. Chec? the the chec' bo# for C.EA-E A LOA,0BALA)CE, #E- . &hen clic' on the ri(ht arro! button to continue to ne#t screen.

LOA,0BALA)CE, #E- )AME7 select 8--P 8- -P in the 4. S3ecify LB8--P for the LOA,0BALA)CE, P.OBE P.O-OCOL 9ro39own an9 in the P.OBE PA-8 htm. Clic? the the chec' ar' to continue.

8. >ait until until the u39ate is co co3let 3lete e before before 3rocee9in 3rocee9in$. $. . >ithin >ithin the Micros Microsoft oft Azure Azure Mana$een Mana$eentt %ortal %ortal o3en the demom= con<$uration an9 clic' E),PO/)-#. 1?.Clic' A,, to launch the a99 en93oint wizar9.

11.0n the Add E),PO/)- screenG select the ra9io button o3tion A,, A) E),PO/)- -O A) EH/#-/)G LOA,0BALA)CE, LOA,0BALA)CE, #E-. Select as LB8--P loa9 balancer > &hen clic' on on the arrow arrow ar' at the botto botto ri$ht corner corner to continue.

1).S3ecify 8--P in the ;AM"
1-.>ait until the u39ate is co3lete before 3rocee9in$.

E'ercise @: Verif$ Load Balancin( &as' & as' 1@ Verify Verify Loa9 =alancin$ =alancin$ 1. Select demom1 virtual achine an9 clic' on the dashboard.

). Scr Scroll oll 9ow 9own n an9 an9 cop$ the clou9 services ,)# )AME /2L un9er %uic? (lance section.

-. Clic' on new tab tab in internet internet e#3lorer e#3lorer an9 3aste the the /2L in the a99ress a99ress bar bar..

. &his will will serve u3 the o9i
5. ;ow 'ee3 3ress 3ressin$ in$ the D button in your browser until you see the server nae chan$e to the secon9 server in the loa9 balance9 set.

&as' & as' )@ View >eb >eb Lo$s to See the Loa9 =alancer =alancer *&&% %robes %robes 1. Sele Selec ct th the demom= virtual achine that was create9 earlier.

). Clic Clic' ' on on the the connect button at the botto an9 when 3ro3te9 lo$in with the 9eouser an9 9eoI3ass1 cre9entials.

-. Launch Launch >in9ow >in9ows s "#3lorer "#3lorer an9 an9 browse browse to the the 3ath C:inetpublo(sLo(iles+@#VC1> O3en u3 the web lo$
. 7ou can see the the re!uests fro the Microsoft Microsoft Azure Azure Loa9 =alancer =alancer by ;ote the res3onse co9e is *&&% =&&.

5. Close Close the lo$
4. >ait for the the loa9 balancer balancer to 9etect the -SVC1. 7ou shoul9 see *&&% ?s status to the loa9 balancer 3robe chec'.

8. 6o bac' to your browser browser session session an9 refresh refresh the 3a$e 3a$e ulti3le ulti3le ties usin$ usin$ the D button. 7ou shoul9 only see demom1 is now in the loa9 balance9 set.

. O3en recycl recycle e bin an9 2estor 2estore e the 9elete9 iissta iisstart.h rt.ht. t.

1?.>ait for 1@) inutes an9 refresh the 3a$e a$ain Bit ay ta'e ulti3le tiesD. 7ou 7ou shoul9 see that demom= is bac' in the loa9 balance9 set.

Lab @: #ummar$ 0n this labG you learne9 how to con<$ure loa9 balance9 *&&% en93oints. 7ou will also have learne9 how to con<$ure an *&&% *ealth %robe an9 to use the 00S >eb Lo$s to troubleshoot the Microsoft Azure *&&% Loa9 =alancer 3robe.

Lab : Con(urin( Access Control Lists E'ercise 1: #ecure .emote ,es?top Access Onl$ to the Local )et!or?

&as' & as' 1( Save the .2+%
). Clic Clic' ' on on the the connect button at the botto.

-. Clic' Clic' the the arr arrow ow by by the the #ae button an9 clic' #ae as.

. 0n tth he #ae as 9ialo$ bo# select des?top in the left 3ane an9 clic' sae.

5. +oub +ouble le cli clic' c' on on the the demom=>rdp. 0f you are 3ro3te9 for cre9entials this vali9ates that a connection can occur B9o not co3lete the lo$inD.

,. Switch to the Microsoft Microsoft Azure Mana$eent %ortal %ortal an9 select the demom1 virtual achine. 4. Clic Clic' ' on on the the connect button at the botto an9 fully lo$in with the 9eouser an9 9eoI3ass1 cre9entials.

8. Co3y th the demom=>rdp rdp. 0f you are 3ro3te9 for cre9entials this shows that you have connectivity to demom= fro demom1 B9o not co3lete the lo$inD.

&as' & as' )( "nable an Access Control Control List

1. O3en the the Virtua Virtuall Machine Machine 9ashbo 9ashboar9 ar9 for demom1 an9 co3y the P3BL/C V/.-3AL /P 5V/P6 A,,.E##.

). O3en the en93oint en93oint con<$ura con<$uration tion for demom=>

-. Clic' on on E),PO/)-#>

. Select .emote ,es?top en93oint.

5. 0n the the botto botto of of the 3a$e 3a$e clic' clic' on on MA)AGE ACL button.

,. S3ecify S3ecify the the followin followin$ $ 3ro3er 3ro3erties ties in in the #pecif$ ACL details for the .emote ,es?top endpoint screen> &he 0% a99ress a99ress shoul9 shoul9 be the V0% you co3ie9 earlier. earlier. a. 2ule ule ( Or9e Or9err 1

i. +escri3tion: Allow Local Access ii. AC&0O;: %erit iii. iii. 2eote eote Subnet Subnet:: )-..8)-..8-.18 .18EE-) )

)ote: =y 9efaultG a %erit %erit rule will 9eny access to all 0%s not s3eci
&as' & as' -( Vali9ate Vali9ate the Access Access Control List 1. +ouble clic' the demom=>rdp rdp
Lab : #ummar$ 0n this labG you shoul9 have learne9 how to use access control lists to liit access to a 3ublic en93oint on a Microsoft Azure Virtual Machine.

Lab D: Con(urin( Point0to0#ite E'ercise 1: Create a Virtual )et!or? &as' & as' 1 ( Create a Virtual Virtual ;etwor' 1. Launch Launch a browser browser an9 navi$ate navi$ate to htt3s:EEana$e.win9owsazure.co htt3s:EEana$e.win9owsazure.co..

). Clic Clic' ' on on the the )E+7 )E-+O.4 #E.V/CE#7 V/.-3AL )E-+O.47 C3#-OM C.EA-E

-. S3ecify ppe0net as the nae of the virtual networ' an9 select the re$ion you are wor'in$ closest to an9 clic' the ne#t arrow to continue.

. Acce3 Acce3tt the the 9efaul 9efaults ts on on the the ,)# #erers and VP) Connectiit$ 3a$e an9 clic' the ne#t arrow to continue. 5. Chan$e Chan$e the the S&A2 S&A2&0; &0;6 6 0% to 1&>&>1I>& an9 C/,. 9=> &hen 3ress the chec'ar' to create the virtual networ'.

E'ercise =: ,eplo$ a Virtual Machine into the Virtual )et!or? &as' & as' 1 ( +e3loy a Virtual Machine Machine into the Virtual Virtual ;etwor' 1. Clic' on on )E+7 COMP3-E7 V/.-3AL MAC8/)E7 .OM GALLE.;

). Select +indo!s #erer =&1= .= ,atacenter

-. S3ec S3ecif ify y the the name of the virtual achine an9 a username and pass!ord.

. S3eci S3ecify fy a uni! uni!ue ue nae nae for for the the CLO3, #E.V/CE ,)# )AME an9 for the .EG/O)9A/)/-; G.O3P9V/.-3AL .EG/O)9A/)/-; G.O3P9V/.-3AL )E-+O.4 s3ecify s3ecify the virtual networ' create9 in the
5. Clic' the ne#t ne#t arrow arrow an9 on the last last 3a$e clic' the chec' chec' ar' to create the virtual achine.

E'ercise @: Con(ure Point0-o0#ite Connectiit$ for the Virtual )et!or? &as' & as' 1 ( "nable %oint@& %oint@&o@Site Connectivity 1. Clic' on on )E-+O.4# on the left of the screen.

). Clic Clic' ' on on the the PPE0V)E- networ'. -. Clic Clic' ' on on the the CO)/G3.E tab at the to3. . Clic Clic' ' the Con(ure pont0to0site connectiit$ chec' ar'.

5. Clic' Clic' the SAV" SAV" button button at the the botto botto of the scr screen. een.

,. >hen 3ro3te9 3ro3te9 to conti continueG nueG clic' clic' ;E#.

&as' & as' ) ( Create a ;etwor' ;etwor' 6ateway 1. Clic Clic' ' on on the the ,A#8BOA., tab at the to3 to3 of the screen. screen. ;otice the essa$e essa$e about the $ateway not bein$ bein$ create9. &his is necessary necessary for 3oint@to@site connectivity to function.

GA-E+A; button ). Clic Clic' ' on on the the C.EA-E GA-E+A; button at the botto of the screen.

&his will ta'e ta'e a few inutes inutes to create create so 3rocee9 3rocee9 to the ne#t ne#t tas' while while this is wor'in$.

&as' & as' - ( Create a Virtual Virtual ;etwor' Authentication Authentication Certi
). "#ecute "#ecute the followin followin$ $ coan9 coan9 to create a self0si(ned root certicate . makecert -sky exchange -r -n "CN=PPEP2SRoot" -pe -a sha1 -len 2! -ss #y $\PPEP2SRoot$cer

-. "#ecute "#ecute the followin followin$ $ coan9 coan9 to create a self0si(ned client certicate usin$ the 3reviously create9 root certi
. Launch Launch cert cert$r $r.sc .sc by ty3in$ ty3in$ +indo!s 4e$ * . an9 ty3e certm(r>msc then 3ress enter. 5. Select Personal 0 Certicates an9 scroll 9own until you see a certi
,. "#3 "#3ort th the PPEP=#Client certiPH6 an9 clic' )e't. e. Clic' Clic' the the chec' chec'bo bo# # ne#t ne#t to Pass!ord an9 enter a 3asswor9. 3asswor9. Clic' )e't. f. or or the the fol9e fol9err an9 an9 3ath 3ath ente enterr C:\PPEContent . Clic' )e't. $. Clic' inish. h. Clic' O4 on on the 9ialo$ in9icatin$ the e#3ort was successful. i. Close MMC.

&as' & as'  ( /3loa9 Client Authentication Certi
e. Clic Clic' ' the the 3PLOA, A .OO- CE.-//CA-E lin'. f. 0n the the browse browserr 9ialo$G 9ialo$G navi$ate navi$ate to the locati location on of the PPEP=#.oot>cer
$. Clic' Clic' he chec' chec' ar' ar' to u3loa9 u3loa9 the the certi
E'ercise @: Con(ure Client Machine to Connect to Virtual )et!or? &as' & as' 1 ( 0nstall client certiin9o >in9ows ws "#3lor "#3lorer er an9 navi$ate navi$ate to the the C:\PPEContent fol9er. ). 2i$h 2i$ht@ t@cl clic ic' ' on the the PPEP=#Client>pf' certihen 3ro 3ro3te9 3te9 to insta install ll the certi
5. Clic Clic' ' the O4 button button on the 9ialo$ in9icatin$ the i3ort was successful.

&as' & as' ) ( 0nstall the Client V%; %ac'a$e %ac'a$e 1. 0n the Microsof Microsoftt Azure Azure Mana$eent Mana$eent %orta %ortalG lG clic' clic' on the ,A#8BOA., tab for the virtual networ'.

). 0nst 0nstal alll the the Client VP) Pac?a(e by clic'in$ on the a33ro3riate a33ro3riate o3tion in the %uic? (lance section.

-. >hen 3ro 3ro3te9 3te9 to run run or save save the 3ac'a$ 3ac'a$eG eG select select #ae to save the
. 7ou will see a warnin$ warnin$ essa$e essa$e because the 3ac'a$e 3ac'a$e is not si$ne9. 7ou can i$nore this essa$e for the 3ur3oses of this lab. *oweverG for future client achines you want to connect to his networ'G you ay want to si$n this
b. Clic' O4 . c. +ouble@cl +ouble@clic' ic' on the the ."" ."" to instal installl the Client Client V%; %ac' %ac'a$e. a$e. >hen ;es. 3ro3te9 to install select ;es

E'ercise @: Connect to the Virtual Machine usin( Point0-o0#ite VP) Connectiit$ &as' & as' 1 ( 6et 0% A99ress A99ress of Virtual Machine Machine in the Virtual ;etwor' ;etwor' 1. 0n the Microsof Microsoftt Azure Azure Mana$eent Mana$eent %orta %ortalG lG clic' clic' on the ,A#8BOA., tab for your Virtual ;etwor'. ). 0n the resources sectionG locate the /P A,,.E## of the virtual achine you create9 in the 3revious 3revious lab. Ma'e a note of this 0% A9ress.

&as' & as' ) ( Connect to Virtual ;etwor' ;etwor' throu$h the V%; V%; Client 1. Clic' on the the 0nternet 0nternet Connection Connection icon in in the syste syste tray Bri$ht Bri$ht si9e of your tas' barD.

). Sele Selec ct th the PPE0V)E- client connection an9 clic' the Connect button.

-. >hen th the VP) Client o3ensG clic' on the Connect button.

. Clic Clic' ' the Continue button to elevate Connect Mana$erKs 3rivile$es.

5. BO3tionalD 6o bac' to the Microsoft Microsoft Azure Azure Mana$eent Mana$eent %ortal %ortal an9 you can see the +AS*=OA2+ u39ate9 to show 1 Client connection.

&as' & as' - ( Connect to Virtual Machine Machine usin$ 0nternal 0% A99ress A99ress 1. %ress +indo!s 4e$ * .G ty3e mstsc an9 3ress Enter. ). &y3e in the 0% A99ress A99ress for the virtual virtual achine that that you note9 in the the 3revious ste3 an9 clic' the Connect buton.

-. Lo$in with with the cre9entials cre9entials you you 3rovi9e9 3rovi9e9 when you create9 create9 the virtual virtual achine.

;es button on the 2eote +es'to3 Connection warnin$ 9ialo$. . Clic Clic' ' the ;es

7ou 7ou are now now connect to the the Virtual Virtual Machine usin$ usin$ the V%; Client Client an9 its internal 0% A99ress.

&as' & as'  ( 2eove 2eove %ublic "n93oints for Virtual Virtual Machine 1. 0n the Microsof Microsoftt Azure Azure Mana$eent Mana$eent %orta %ortalG lG clic' clic' on V/.-3AL MAC8/)E# on the left navi$ation. ). Clic' on the the Virtual Virtual Machine Machine that is in the %%"@V; %%"@V;"& "& Virtual Virtual ;etwor'. ;etwor'.

-. Clic Clic' ' on on the the E),PO/)-# tab at the to3 of the screen.

&hese 3ublic 3ublic en93oints are are no lon$er nee9e9 nee9e9 now that that you have 3oint@to@site 3oint@to@site connectivity to the virtual networ' this achine is in. . Clic Clic' ' on on the the Po!er#hell endpoint to select it an9 then clic' the ,ELE-E button at the botto of the screen.

5. Clic Clic' ' on on the the .emote ,es?top endpoint to select it an9 then clic' the ,ELE-E button at the botto of the screen.

Lab D: #ummar$ 0n this lab you learne9 how to con<$ure 3oint@to@site 3oint@to@site connectivity for a virtual networ' an9 then use the V%; Client to connect to the Virtual ;etwor'. 7ou learne9 what is re!uire9 to authenticate authentica te clients to the virtual networ'. inallyG you observe9 that the 9efault 3ublic en93oints are not necessary when 3oint@to@site connectivity is con<$ure9 for your networ'.

Lab I: Create and Con(ure an Azure Actie ,irector$ Oerie! 0n this labG you will learn how to create an Azure Active +irectory an9 associate it with your Azure Subscri3tion. Subscri3tion . ;e#tG you will create users as re$ular users in the 9irectory as well as $lobal a9inistrators a9inistrat ors in the 9irectory. 9irectory. Si$ne9 in as a $lobal a9inistratorG you will create a security $rou3 an9 a99e9 users to the $rou3.

Ob"ecties &his 9eo will will wal' you throu$h throu$h how to: to: Create a Microsoft Azure Active +irectory usin$ the Azure Mana$eent %ortal Associate the Active +irectory with your Azure subscri3tion A99 /sers to the Active +irectory Show Ca3abilities of the 6lobal A9inistrator 2ole Show Ca3abilities of the /ser 2ole

"stiate9 tie to co3lete this lab: 1D Minutes

E'ercise 1: Create an Azure Actie ,irector$ usin( the Microsoft Azure Mana(ement Portal &as' & as' 1 ( Lo$in to the Azure Azure Mana$eent %ortal %ortal )?.Launch a browser an9 navi$ate to htt3s:EEana$e.win9owsazure.co htt3s:EEana$e.win9owsazure.co.. >hen 3ro3te9G si$n@in with your cre9entials to access your Azure Subscri3tion.

)ote: 7ou ay nee9 to launch an Fin@3rivateF session in your browser if you have ulti3le >in9ows Accounts.

&as' & as' ) ( Create a new Active Active +irectory +irectory 1. 0n the >in9ow >in9ows s Azure Azure Mana$eent Mana$eent %orta %ortalG lG select select *)E+ 0 APP #E.V/CE# 0 AC-/VE ,/.EC-O.; 0 ,/.EC-O.; 0 C3#-OM C.EA-E . ). 0n the A99 9irectory 9irectory win9ow s3ecify the new 9irectory settin$s. a. Set ,irector$ to Create ne! director$. b. Set )ame to a nae of PPE Labs A,. c. Set ,omain )ame to a (loball$ uni%ue name of $our choice. 9. Set Countr$ to $our countr$.

&as' & as' - @ Associate the Active Active +irectory +irectory with your Azure Azure subscri3tion 1

;ow that that your Active Active +irector +irectory y for your or$ani or$anizati zation on e#istsG e#istsG the ne#t ne#t thin$ thin$ you nee9 to 9o is associate this 9irectory with the >in9ows Azure subscri3tion. >hat this eans is that when when you lo$in to the Azure Azure Mana$eent %ortal for this subscri3tionG you will be 9oin$ so in the real of your new Active +irectory.

)1.Clic' on #E--/)G# on the left of the screen. )).Clic' on #3B#C./P-/O)# at the to3 of the screen. )-.*i$hli$ht your >in9ows Azure Subscri3tion Subscri3tion an9 clic' on the E,/,/.EC-O.; button button at the botto of the screen. ).Select the new Active +irectory you create9 in the 3revious tas'.

)5.Clic' the ri(ht arro! to $o to the ne#t screen. ),.Clic' the chec? mar? to to save the chan$e. )4.&he >in9ows Azure Mana$eent %ortal will reloa9 as result of this chan$e. ;otice the chan$e in the the /2L with res3ect res3ect to the real. 0t will show the new Active +irectory as the real in the /2L.

E'ercise =: Add 3sers to Actie ,irector$ &as' & as' 1 ( A99 a 6lobal A9inistrator A9inistrator to the Active Active +irectory +irectory ,/.EC-O.; lin' 1. 0n the Azure Azure Mana$een Mana$eentt %ortalG %ortalG clic' clic' on the the AC-/VE ,/.EC-O.; lin' on the left of the screen.

). Clic' on the the nae of the 9irectory 9irectory you create9 3reviously 3reviously..

-. Clic Clic' ' on the the 3#E.# tab at the to3 of the screen.

. At the the botto botto of of the screenG screenG clic' clic' the the A,, 3#E. lin' to a99 a new user.

5. 0n the A99 A99 /ser /ser win9ow win9ow s3ecif s3ecify y the new user user settin settin$s. $s. -$pe of 3ser )e! user in $our or(anization a. Set to . b. Set 3ser )ame to a nae of "ohndoe.

,. 0n the user user 3ro
e. Set Alternate Alternate "ail A99ress A99ress to an eail a99ress of your choices. 2ecoen9 usin$ the Microsoft Account eail a99ress for the subscri3tion. &hat isG the Account Account A9inistrator. A9inistrator. f. Clic' Clic' the the ri$ ri$ht ht arr arrow ow to cont continu inue e

4. 0n the 6et te3ora te3orary ry 3asswor 3asswor9 9 win9owG win9owG clic' clic' the $reen $reen create button to $enerate a te3orary 3asswor9 for the user. 8. 0n the the ;ew %assw %asswor9 or9 in9ows Azure Mana$eent %ortal or 3rovision services in the Subscri3tion BVirtual MachinesG ;etwor'sG etc.D because this user is not a Co@A9inistrator for the Microsoft Azure Subscri3tion.

&as' & as' ) ( A99 a /ser to the Active Active +irectory +irectory 1. 2e3eat e3eat &as' 1 to to a99 a99 a user as ane #mith. a. Set 3#E. )AME to "anesmith. b. Set .OLE to 3ser.

&his user is a user in the 9irectory 9irectory ri$ht now. now. &his user cannot cannot a9inister a9inister the Active +irectory nor can this user lo$in to the Azure Mana$eent %ortal an9 3rovision services.

&as' & as' - ( A99 a Co@A9inistrator Co@A9inistrator for the Microsoft Microsoft Azure Subscri3tion Subscri3tion 1. ). -. .

Clic Clic' ' on the the #E--/)G# lin' on the left of the screen. Clic Clic' ' on the the A,M/)/#-.A-O.# tab at the to3 of the screen. Clic Clic' ' on the the A,, button at the botto of the screen. "nter "nter the the eail eail a99r a99ress ess for for ohn ,oe. >hen you 9o thisG the 3ortal will verify the user nae nae an9 show a $reen $reen chec' ar'. ;otice that the user account is an Or(anizational AccountG i9enti
5. Clic' Clic' on the chec' chec' bo# ne#t ne#t to the Azure Azure Subscr Subscri3ti i3tion. on. ,. Clic' the chec' ar' to to a99 the user as a Co@A9inistrator Co@A9inistrator of the Azure Azure Subscri3tion.

&his userG now bein$ a Co@A9inistrator Co@A9inistrator for the Azure Subscri3tionG Subscri3tionG will be able to lo$in to the 3ortal an9 3rovision services on the Subscri3tion. &his user is also a 6lobal A9inistrator so this user can also a9inister the Active +irectory. +irectory. 4. Si$n@out Si$n@out of the Azur Azure e Mana$een Mana$eentt %ortal %ortal..

E'ercise @: Create a #ecurit$ Group and add 3sers to the Group &as' & as' 1 ( Si$n@in to the Azure Mana$eent Mana$eent %ortal %ortal as the 6lobal A9inistrator A9inistrator 1

Si$n Si$n@i @in n to to the the 3ort 3ortal al at htt3s:EEana$e.win9owsazure.co htt3s:EEana$e.win9owsazure.co as as the ohn ,oe user. user. Since this is the
)8."nter the temporar$ pass!ord an9 then 3rovi9e a ne! permanent pass!ord as demopass1. %ress the submit button.

).Clic' throu$h the new new user tour 9ialo$ 9ialo$s s for user ohn +oe. 0n the Azure Mana$eent %ortalG you will see user ohn +oe si$ne9@in as an Or$anizational /ser in the u33er@ri$ht corner of the screen.

&as' & as' ) ( Create a Security Security 6rou3 1

Clic' on AC-/VE ,/.EC-O.; on on the left navi$ation.

-?.Clic' on the PPE Labs A, 9irectory nae. -1.Clic' the A,, G.O3P button at the botto of the screen. a

Set the )AME to 8elp ,es?>

b

Set the ,E#C./P-/O) to 3sers staNn( the help des? .

c

Clic' Clic' the the chec chec'a 'ar' r' butto button n to cre create ate the the $rou3 $rou3..

&as' & as' - ( A99 a /ser to the Security Security 6rou3 1

Clic' on the 8elp ,es? $rou3. $rou3.

-).Clic' on the A,, MEMBE.# lin' at the botto of the screen. --.Clic' on ane #mithG which will result in ane Sith a33earin$ in the #ELEC-E, section an9 then clic' the chec'ar' button.

-.ane Sith is now a eber of the *el3 +es' security $rou3.

E'ercise : #i(n0in to the Azure Mana(ement Portal as a 3ser 1

ro the 0nternet 0nternet "#3lor "#3lorer er ain ain enuG enuG select select -ools 0 /nPriate =rowsin$.

-5.0n the new browser win9owG win9owG si$n@in to the 3ortal at htt3s:EEana$e.win9owsazure.co as htt3s:EEana$e.win9owsazure.co as the ane #mithr. Since this is the
-,."nter the temporar$ pass!ord an9 then 3rovi9e a ne! permanent pass!ord as demopass1. %ress the submit button.

-4.As the 3ortal starts to loa9G you will $et a essa$e in9icatin$ that there were no subscri3tions foun9 for the ane Sith user. user. &his is e#3ecte9. e#3ecte9. 2ecallG ane Sith is not a Co@A9inistrator on the Azure Subscri3tion. &hereforeG &hereforeG ane is not able able to si$n@in to the Azure Azure %ortal %ortal an9 3rovision 3rovision services.

-8.Close the 0nternet "#3lorer win9ow that is in 0n%rivate =rowsin$ o9e.

Lab I: #ummar$ 0n this labG you learne9 how to create an Azure Active +irectory an9 associate it with your Azure Subscri3tion. 7ou then learne9 how to create users as re$ular re$ular users in the 9irectory as well as $lobal a9inistrators a9inistrat ors in the 9irectory. 9irectory. Si$ne9 in as a $lobal a9inistratorG a9inistrat orG you create9 create9 a security $rou3 an9 a99e9 users to the $rou3. $rou3. inallyG you observe9 that users that are not co@a9inistrators on the Azure subscri3tion subscri3tion are not able to si$n@in to the Azure Mana$eent %ortal.

Lab : Application Access Oerie! 0n this labG you will learn how to a99 a Software@as@a@Service Software@as@a@Service BSaaSD a33lication for %asswor9@base9 Sin$le Si$n@on to your Azure Active +irectory. +irectory. &he SaaS A33lication you will con<$ure will be Microsoft One+rive. After a99in$ the a33lication to your Azure Active +irectoryG you will then learn how to assi$n user access to the

a33lication. a33lication . inallyG you will si$n@in to the Access Access %anel as a user of the 9irectory to see an9 launch the Microsoft One+rive a33lication.

Ob"ecties &his 9eo will will show how to: A99 a SaaS a33lication BMicrosoft One+riveD fro the Azure A33lication 6allery to your Azure Active +irectory Con<$ure the a33lication for %asswor9@base9 Sin$le Si$n@On Assi$n 3erissions for users to access the a33lication /se the Access %anel to see an9 launch the a33lication

Prere%uisites 1. &his han9s@o han9s@on@lab n@lab assue assues s you alrea9y alrea9y co3let co3lete9 e9 the Azure A, /ntroduction lab. ). A Microsoft Account.

"stiate9 tie to co3lete this 9eo: 1D Minutes

E'ercise 1: Add a #aa# Application from the Azure Application Galler$ to $our Azure Actie ,irector$ &as' & as' 1 ( A99 the Microsoft Microsoft One+rive A33lication A33lication 1. Launch Launch a browser browser an9 navi$ate navi$ate to htt3s:EEana$e.win9owsazure.co htt3s:EEana$e.win9owsazure.co.. ). Si$n Si$n@i @in n as the the ohn ,oe user. -. Clic Clic' ' on on the the AC-/VE ,/.EC-O.; tab tab . Clic Clic' ' on on the the PPE Labs A, 9irectory. 5. Clic Clic' ' on on the the APPL/CA-/O)# lin' at the to3 of your screen. ,. Clic Clic' ' on on the the A,, button at the botto of the screen.

4. Clic' Clic' on the the o3ti o3tion on to Add an application from the (aller$.

8. 0n the the A33lica A33lication tion 6alleryG 6alleryG sear search ch for for  One,rieN. Clic' on Microsoft One,rie an9 then clic' the chec'ar' button.

&as' & as' ) ( Assi$n user access to the Microsoft Microsoft One+rive a33lication a33lication 1. Clic Clic' ' on the the $ree $reen n Assi(n users button.

). Clic Clic' ' on on the the user user ane #mith. -. Clic Clic' ' the A##/G) button at the botto of the screen. . 0n the the Assi$n Assi$n /sers win9owG clic' the chec'ar' button. +o not not chec' chec' the chec'bo# to enter Microsoft One+rive cre9entials on behalf of the user.

&as' & as' - ( /se the Access %anel %anel to see an9 launch Microsoft Microsoft One+rive 1. At the the 0nterne 0nternett "#3lore "#3lorerr ain ain enuG enuG select select ile 0 )e! session to o3en a new browser session. ). 0n the the new browser browser sessionG sessionG navi$ate navi$ate to to htt3:EEya33s.icrosoft.co htt3:EEya33s.icrosoft.co.. -. Si$n@i Si$n@in n as as ane ane Sith. Sith.

"anesmith$ourdirector$>onmicrosoft>com microsoft>com a. /ser /sern nae: ae: "anesmith$ourdirector$>on b. %assw asswor or9: 9: demopass1

. 0n the Access %anelG %anelG clic' on the Microsoft Microsoft One+rive One+rive A33lication. A33lication.

5. &he
,. After After installin$ the Access %anel e#tensionG e#tensionG restart restart the browser browser an9 navi$ate navi$ate bac' to the Access %anel htt3:EEya33s.icrosoft.co htt3:EEya33s.icrosoft.co.. 4. Clic Clic' ' on on the the Microsoft One,rie a33lication. a33lication. Since this is the
8. 7our One+riv One+rive e will o3en in in the browser browser..

0n the futureG when you launch Microsoft One+rive fro the Access %anel as the ane Sith userG userG you will not not be challen$e9 challen$e9 for cre9entials. cre9entials. Azure A+ has securely store9 your cre9entials an9 will authenticate you autoatically for your One+rive account.

Lab : #ummar$ 0n this labG you learne9 how to a99 the Microsoft One+rive a33lication to your Azure Active +irectory. +irectory. 7ou con<$ure9 the a33lication for %asswor9@base9 %asswor9@base9 Sin$le Si$n@On Si$n@ On an9 then assi$ne9 user access to the a33lication. inallyG you use9 the Access Access %anel to see an9 launch the a33lication when si$ne9 in as a user in the Azure Active +irectory.

Lab : Multi0 Multi0actor actor Authentication Oerie! 0n this labG you will learn how to create an9 con<$ure a ulti@factor authentication authentication 3rovi9er in Microsoft Azure an9 how to enable ulti@factor authentication for users in your Azure Active +irectory.

Ob"ecties &his lab will will show how to: Create a ulti@factor authentication 3rovi9er usin$ the Azure Mana$eent %ortal. "nable ulti@factor authentication for users in your Azure Active +irectory.

Prere%uisites -. &his han9s@o han9s@on@lab n@lab assue assues s you alrea9y alrea9y co3let co3lete9 e9 the Application Access0 Pass!ord0Based lab.

"stiate9 tie to co3lete this 9eo: 1D Minutes

E'ercise 1: Create a Multi0actor Authentication Proider &as' & as' 1 ( Si$n@in to Azure Mana$eent Mana$eent %ortal %ortal 1. Launch Launch a browser browser an9 navi$ate navi$ate to htt3s:EEana$e.win9owsazure.co htt3s:EEana$e.win9owsazure.co.. ). Si$n Si$n@i @in n as the the ohn ,oe user. "ohndoe$ourdirector$>onmicrosoft>com icrosoft>com a. /ser /sern nae: ae: "ohndoe$ourdirector$>onm b. %assw asswor or9: 9: demopass1

&as' & as' ) ( Create a Multi@ Multi@actor Authentication %rovi9er %rovi9er 1. Clic' on on *)E+ 0 APP #E.V/CE# 0 AC-/VE ,/.EC-O.; 0 M3L-/0 AC-O. A3-8E)-/CA-/O) 0 23/C4 C.EA-E . a. Set the )AME to PPE Labs. b. Set 3#AGE MO,EL to Per Enabled 3ser. c. Set ,/.EC-O.; to to PPE Labs A, . 9. Clic Clic' ' the the C.EA-E lin' in the botto@ri$ht corner.

E'ercise =: Man(e Multi0actor Authentication for a 3ser in the Actie ,irector$ &as' & as' 1 ( "nable Multi@actor Multi@actor Authentication for /ser 1. ). -. .

Clic Clic' ' on on the the AC-/VE ,/.EC-O.; section section on the left of your screen. Clic' on on PPE Labs A, in the )AME colun. Clic Clic' ' on on the the 3#E.# tab at the to3 of the screen. *i$hl *i$hli$h i$htt B9onKt B9onKt clic clic' ' onD the the ane #mith user an9 clic' on the MA)AGE M3L-/0AC-O. A3-8 button at the botto of the screen.

5. Chan Chan$e $e the Vie! to #i(n0in allo!ed users.

,. Clic' Clic' on on the the chec' chec' bo# bo# ne#t ne#t to ane #mith. 4. Clic Clic' ' on on the the Enable lin' for the user.

8. Clic Clic' ' on on the the enable multi0factor auth button in the 9ialo$ win9ow.

. Clic Clic' ' on on the the close button. 1?.&he ane #mith user will now show Enabled in the Mult0actor Auth #tatus colun.

&as' & as' ) ( Setu3 A99itional Security Security Verionmicrosoft>com microsoft>com a. /ser /sern nae: ae: "anesmith$ourdirector$>on b. %assw asswor or9: 9: demopass1 -. %oint out the essa$e essa$e about nee9in$ to verify the the account an9 then clic' on the #et it up no! button.

. 0n the a99itional security veri
a. Set Set the the
5. Clic Clic' ' on on the the erif$ no! button.

,. 2etrieve 2etrieve the veri
8. Clic Clic' ' the ne't button.

. Clic Clic' ' on on the the / donQt use this account !ith these apps button.

1?.&o
11.Close the 0n%rivate =rowsin$ browser win9ow.

E'ercise @: Vie! Multi0actor Authentication .eport &as' & as' 1 ( 2un a Multi@ Multi@actor actor Authentication 2e3ort 2e3ort 1. 0n the Azur Azure e Mana$eent Mana$eent %orta %ortalG lG si$n@in si$n@in as the the ohn ,oe user if youKre not alrea9y. ,/.EC-O.; on ). Clic' on on AC-/VE ,/.EC-O.; on the left of the screen. M3L-/0AC-O. AC-O. A3-8 P.OV/,E.# at the to3 of the screen. -. Clic' on on M3L-/0

. Clic Clic' ' on on the the MA)AGE button at the botto of the screen. 5. Clic Clic' ' on on the the V/E+ A .EPO.- lin'.

,. Clic' on on #ummar$.

4. ee3 ee3 the 9efau 9efaults lts values values an9 an9 clic' clic' on the the .un button.

&as' & as' ) ( View a Multi@ Multi@actor Authentication 2e3ort 2e3ort 1. Clic Clic' ' on on the the 2ueued lin' on the left of the screen.

). Clic Clic' ' on on the the Vie! lin' for the re3ort you ran in the 3revious e#ercise.

-. 7ou shoul9 shoul9 see the two two authentic authenticatio ations ns for user user ane #mith.

. Bo3tionalD 2un a 9etaile9 9etaile9 re3ort re3ort to to see the 9etails 9etails for each user that that are are available.

Lab : #ummar$ 0n this labG you learne9 how to create an9 con<$ure a ulti@factor authentication 3rovi9er in Microsoft Azure. 7ou also saw how to enable ulti@factor authentication authenti cation for users in your Azure Active +irectory an9 you learne9 how to run a ulti@factor authentication authentication usa$e re3ort.

Lab R: +ebsites !ith a #2L Bac?end Oerie! 0n this labG you will learn how to create an9 con<$ure con<$ure a SL Server virtual achine an9 then create a Microsoft Azure >ebsite usin$ the $allery e#3erience to connect to it.

Ob"ecties &his 9eo will will show how to: Create a SL Server Virtual Machine Create a Microsoft Azure >ebsite fro the 6allery "stablish a connection to the SL Server usin$ 3ublic en93oints.

#$stem re%uirements 7ou 7ou ust have the the followin$ to co3lete this 9eo: A reliable 0nternet connection An active Microsoft Azure subscri3tion

"stiate9 tie to co3lete this 9eo: @& Minutes

E'ercise 1: Con(ure the ,atabase &as' & as' 1 ( Create a SL Server Server Virtual Machine Machine -.Clic' the ;"> button at the botto left of the ana$eent 3ortal.

?.Clic' COMP3-E7 V/.-3AL MAC8/)E an9 then .OM GALLE.;

1.Select #2L #E.VE. on the ia$e $allery o3tions below M/C.O#O-. Once selecte9 choose #2L #erer =&1= #P1 Enterprise B>in9ows Server )?1)D fro the o3tions an9 clic' the Arrow to continue.

)."nter the con<$uration for the virtual achine. a

V02&/AL V02&/AL MAC*0;" MAC*0;" ;AM": ;AM": this this is is the the co3uter co3uter nae. &his value value ust be uni!ue within the sae clou9 service. S3ecify Orchard#2L.

b

#/
c

)E+ 3#E. )AME: the local a9inistrator account Bcannot be a9inistratorD. S3ecify: 9eouser an9 a stron$ 3asswor9.

-.On the ne#t screenG s3ecify s3ecify a uni!ue nae for your clou9 serviceG the 9ata center location an9 stora$e account that you create9 as 3art of the setu3. .

.On the en93oint con<$uration con<$uration 3a$e select the 9ro3 9own an9 select MSSL for the en93oint to allow trac on 1--.

5.Clic' the Chec'ar' at the botto of the screen to co3lete the virtual achine creation. ,.Connect to the virtual achine by clic'in$ the CO))EC- button on the toolbar an9 lo$$in$ in with the cre9entials s3eci

8.

Select Select the the 0nbo 0nboun9 un9 2ule ;o9eG ;o9eG ri$ht ri$ht clic' clic' an9 clic' clic' )e! .ule

.. 

0n the the new new rul rule e wiz wizar ar9 9 sel selec ectt Port an9 clic' ne#t.

5?. 5?. 0n the the %r %rotoc otocol ols s an9 an9 %or %orts ts 9ia 9ialo lo$G $G s3e s3eci cify fy 1@@ for the local 3orts.

51. Acce3 Ac ce3tt the 9efaul 9efaultt setti settin$ n$s s for reai reainin nin$ $ scre screens ens e#c e#ce3t e3t the the last last one. ;ae the rule #2L#erer.ule an9 co3lete the wizar9.

&as' & as' ) ( Create Orchar9 Orchar9 +atabase 1

Launch Launch SL SL Mana$ee Mana$eent nt Stu9io Stu9io by clic' clic'in$ in$ to to the the far left botto botto corne cornerr of the screen to brin$ u3 the >in9ows 8 /0. &y3e SL an9 the search will autoatically
5).Once starte9 clic' Connect to lo$in to the SL Server

5-.2i$ht clic' the server nae an9 clic' Properties.

5.Clic' on Security an9 Chan$e #erer Authentication to #2L #erer and +indo!s Authentication o9e.

55.%ress O to continue.

5,.2i$ht clic' on the server an9 choose .estart to have the settin$s ta'e ePect.

54.2i$ht clic' ,atabases an9 clic' )e! ,atabase.

58.;ae the new 9atabase Orchar9+= Orchar9+= an9 3ress O to create the 9atabase.

5.;e#t create a new user for the SL Server by e#3an9in$ Security Security an9 ri$ht clic'in$ on Lo(ins then choose )e! Lo(in>

,?.Create the lo$in

a. Chan$ Chan$e e the the lo$in lo$in ty3e ty3e to #2L #erer Authentication b. S3ecify S3ecify the the user user nae nae an9 3asswor 3asswor9: 9: demouser an9 use the sae 3asswor9 you s3eci
,1.A99 the user to the Orchar9 +atabase by e#3an9in$ Orchard,BG #ecurit$ an9 ri$ht clic'in$ on users an9 clic'in$ )e! 3ser.

,)."nter demouser for the user nae an9 demouser for the lo$in nae.

,-.&hen select Membership an9 chec' dbSo!ner.

E'ercise =: Create a Microsoft Azure +ebsite usin( Orchard CM# &as' & as' 1 ( Create the Orchar9 Orchar9 >ebsite >ebsite )

O3en O3en the Azur Azure e Mana$e Mana$een entt %orta %ortall an9 clic clic' ' COMP3-EG +EB #/-EG .OM GALLE.;

,.On the left select CM#G Orchard CM# an9 clic' the ne#t arrow.

,5."nter a uni!ue nae for the website an9 select the re$ion you are wor'in$ in. &hen clic' the chec'bo# to create the website.

,,.O3en the 9ashboar9 of the newly create9 site. On the ri$ht si9e of the 3a$e un9er !uic' $lance co3y the #/-E 3.L an9 o3en it in a new tab in your browser. browser.

,4.Con<$ure the Orchar9 Site. S3ecify a name for the siteG demouser for the user nae an9 the pass!ord you have been usin$ u3 to this 3oint. "nsure you chan$e the 9ro39own to 3se an e'istin( #2L #erer7 #2L E'press ,atabase>

. ,8.S3ecify the connection strin$. 2etrieve the clou9 service of your SL Server by o3enin$ the 9ashboar9 of the SL virtual achine an9 notin$ the +;S nae.

/se the e#a3le below the te#tbo# to 3o3ulate the values.

*ere is a full e#a3le:

,ata #ourceTorchards%lsc>cloudapp>n #ourceTorchards%lsc>cloudapp>netU/nitial etU/nitial Catalo(TOrchard,bUPersist #ecurit$ /nfoT-rueU3ser /nfoT-rueU3ser /,TdemouserUPass!ordTdemopass1 ,.%ress inish Setu3 to Co3lete

Lab R: #ummar$ 0n this han9s on lab you learne9 how to con<$ure SL Server in a Microsoft Azure Virtual Machine an9 allow connectivity fro a Microsoft Azure >ebsite.

Azure PPE Lab Guide (Print Out)

Recommend Documents