Microsoft 365 for enterprise Test Lab Guides
This applies to both Microsoft 365 for enterprise and Office 365 Enterprise.
Test Lab Guides (TLGs) help you quickly learn about Microsoft products. They provide prescriptive instructions to configure simplified but representative test environments. You can use these environments for demonstration, customization, or creation of complex proofs of concept for the duration of a trial or paid subscription.
TLGs are designed to be modular. They build upon each other to create multiple configurations that more closely match your learning or test configuration needs. The "I built it out myself and it works" hands-on experience helps you understand the deployment requirements of a new product or scenario so you can better plan for hosting it in production.
You can also use TLGs to create representative environments for development and testing of applications, also known as dev/test environments.
Click here for a visual map to all the articles in the Microsoft 365 for enterprise Test Lab Guide stack.
First, you create a test environment for Microsoft 365 for enterprise that includes Office 365 E5, Enterprise Mobility + Security (EMS) E5, and Windows 10 Enterprise. You can create two different types of base configurations:
Use the lightweight base configuration when you want to configure and demonstrate Microsoft 365 for enterprise features and capabilities in a cloud-only environment, which does not include any on-premises components.
Use the simulated enterprise base configuration when you want to configure and demonstrate Microsoft 365 for enterprise features and capabilities in a hybrid cloud environment, which uses on-premises components such as an Active Directory Domain Services (AD DS) domain.
You can also create test environments for Office 365 E5 by not adding the Microsoft 365 E5 license to your trial or production test environment.
To demonstrate identity-related features and capabilities, see:
Enable and test password hash-based directory synchronization from an AD DS domain controller.
Enable and test pass-through authentication to an AD DS domain controller.
Enable and test federated authentication to an AD DS domain controller.
Enable and test Azure AD Seamless Single Sign-on (SSO) with an AD DS domain controller.
Enable and test smart phone-based multi-factor authentication for a specific user account.
Lock down your global administrator accounts with conditional access policies.
Use password writeback to change the password on your AD DS user account from Azure AD.
Use self-service password reset (SSPR) to reset your password.
Make administering new accounts easier than ever with automatic licensing and dynamic group membership.
Scan your current user accounts for vulnerabilities.
Create an environment to test recommended identity and device access configurations and conditional access policies.
Mobile device management
To demonstrate mobile device management-related features and capabilities, see:
Create a user group and a device compliance policy for Windows 10 devices.
Enroll iOS or Android devices and manage them remotely.
To demonstrate information protection-related features and capabilities, see:
Configure settings for increased Office 365 security and investigate built-in security tools.
Configure and apply Office 365 labels to a document in a SharePoint Online team site.
Configure privileged access management for just-in-time access to elevated and privileged tasks in your Office 365 organization.