Azure AD Identity Protection for your Microsoft 365 Enterprise test environment
This Test Lab Guide can only be used for Microsoft 365 Enterprise test environments.
Azure Active Directory (Azure AD) Identity Protection allows you to detect potential vulnerabilities affecting your organization’s identities, configure automated responses, and investigate incidents. This article describes how to use Azure AD Identity Protection to view the analysis of your test environment accounts.
There are two phases to setting up Azure AD Identity Protection in your Microsoft 365 Enterprise test environment:
- Create the Microsoft 365 Enterprise test environment.
- Use Azure AD Identity Protection.
Click here for a visual map to all the articles in the Microsoft 365 Enterprise Test Lab Guide stack.
Phase 1: Build out your Microsoft 365 Enterprise test environment
If you just want to test Azure AD Identity Protection in a lightweight way with the minimum requirements, follow the instructions in Lightweight base configuration.
If you want to test Azure AD Identity Protection in a simulated enterprise, follow the instructions in Pass-through authentication.
Testing Azure AD Identity Protection does not require the simulated enterprise test environment, which includes a simulated intranet connected to the Internet and directory synchronization for an Active Directory Domain Services (AD DS) forest. It is provided here as an option so that you can test Azure AD Identity Protection and experiment with it in an environment that represents a typical organization.
Phase 2: Use Azure AD Identity Protection
- Open a private instance of your browser and sign in to the Azure portal at https://portal.azure.com with the global administrator account of your Microsoft 365 Enterprise test environment.
- In the Azure portal, type identity protection in the search box, and then click Azure AD Identity Protection.
- In the Identity Protection - Overview blade, click on each of the reports to see what they are reporting.
- Under Notify, click Users at risk detected alerts.
- In the Users at risk detected alerts pane, select Medium.
- For Emails are sent to the following users, click Included and verify that your global admin account is in the list of selected members.
- Click Save.
Click through the different policies under Protect to see how to configure them. If you create and activate a policy, make sure it is not blocking access for too wide a scope of conditions, or you might not be able to sign in, even as the global admin.
For further testing and experimentation, see Simulating risk events.
See the Protect against credential compromise step in the Identity phase for information and links to deploy Azure AD Identity Protection in production.
Explore additional identity features and capabilities in your test environment.