You have seen that Azure AD offers a lot of add-on features more than legacy identity and management solutions. These features come with a price, and not all organizations need all these features. Licenses are categorized based on the number of premium features it supports. There are four editions of Azure Active Directory.
Azure Active Directory Free As the name implies, this is the free version of Azure Active Directory and offers minimal features such as user management, group management, Azure AD Connect for syncing on-premises identities, basic reporting, SSO, SSPR, etc. If you have not purchased any Azure AD license, this is going to be your default edition.
Azure Active Directory Microsoft 365 Apps If you have O365, this edition of Azure AD is automatically provisioned for you. Besides the features offered by Azure AD Free, this edition offers additional functionalities such as IAM for Microsoft 365 Apps, branding, MFA, etc.
Azure Active Directory Premium P1 Azure AD Premium P1 offers all the capabilities of Azure AD Free and some additional premium features that can increase the overall security of your environment. Dynamic groups, self-serve group management, Microsoft Identity Manager, and password writeback are some of the additional features offered by Azure AD Premium P1.
Azure Active Directory Premium P2 This is the top edition of Azure AD and offers all features in the P1 and Azure AD Free editions; additionally, Identity Protection and Identity Governance are offered.
Table 1.1 provides a quick comparison of all editions of Azure AD and the features offered by each edition.
TABLE 1.1 Comparison of Azure AD Editions
| Feature | Free | Microsoft 365 Apps | Premium P1 | Premium P2 |
| Directory objects | 500,000 | Unlimited | Unlimited | Unlimited |
| Single sign-on | Unlimited | Unlimited | Unlimited | Unlimited |
| Core identity and access management | ✓ | ✓ | ✓️ | ✓️ |
| Business-to-business collaboration | ✓️ | ✓️ | ✓️ | ✓️ |
| Identity and access management for Microsoft 365 apps | ✕ | ✓️ | ✓️ | ✓️ |
| Hybrid identities (password writeback) | ✕ | ✕ | ✓️ | ✓️ |
| Advanced group access management | ✕ | ✕ | ✓ | ✓️ |
| Conditional access | ✕ | ✕ | ✓️ | ✓️ |
| Identity protection | ✕ | ✕ | ✕ | ✓️ |
| Identity governance | ✕ | ✕ | ✕ | ✓️ |
The pricing of Azure AD licensing can be reviewed on the Azure AD pricing page.
https://azure.microsoft.com/en-us/pricing/details/active-directory
In addition to these editions, if you already have an Office 365 E3/E5 license, then you can use the premium features of Azure AD, and you do not have to pay for these licenses separately. P1 is included in E3, and P2 is included in E5, respectively.
Since you have the basic understanding of the editions of Azure AD and how they are different from a traditional Active Directory deployment, let’s talk quickly about custom domains in Azure AD.
Leave a Reply