25 + Latest Azure Active Directory Interview Q&A


In this tutorial guide you will find the latest azure active directory interview questions and answers, which every azure ad user must know before appearing for any interview or exam.

1. What is azure active directory

Azure Active Directory (Azure AD) is basically  identity and access management service  provided the Microsoft Azure. It is the extension of the Microsoft active directory. It helps users, employees to seamlessly access the various resources as per their role with just one sign on.  It can integrated with huge number of the external services and resources like SaaS application and other Microsoft product like Office 365,  Dynamics 365 etc.

What is Azure Active Directory

Azure Active Directory Tenant

2. What is identity in azure active directory

Identity in the azure ad represents a thing or something which can be authenticated by some mean. It can represents a user having the unique username and password associated with it for authentication. Its not always just the user, sometimes we also want to authenticate application or servers, they can also be treated as the identity in azure ad. They can be authenticated using the certificates or secret keys.

3. What is tenant in azure ad

A dedicated and trusted instance of Azure AD that’s automatically created when your organization signs up for a Microsoft cloud service subscription, such as Microsoft Azure, Microsoft Intune, or Microsoft 365. An Azure tenant represents a single organization.

4. What do you mean by guest user in azure ad

In a organization sometimes you want few external organization user to collaborate with your applications and servers to perform certain operations. In those case to authenticate those users and provide B2B collaboration guest user is used. You can invite the external / third party user by creating the Guest user for them. Once your works get done, you can remove the same.

5. What do you mean by security groups in azure ad

You can create security groups in azure ad to logically separate the set of users based on their roles, responsibility, access permissions. Once a group has been created, multiple user can be add or remove from it.

6. How to create user in azure active directory

For creating the user you need to have admin permission to add the user. Go to azure ad in the azure portal. Go to create user, provide name, email and other information.

7. How to remove a user from azure ad

Go to azure ad in the azure portal. Open the group from which user need to be removed. You will see list of users available. Search for the user to deleted, select and click remove user.

8. What is self-service password reset (SSPR) in azure ad

Azure ad provides the seamless way for password reset for its user. You don’t need any admin or network team help for password resetting. or unlocking the account. This has reduce a lot of burden on IT helpdesk team of any organization.

9. What is multi factor authentication in azure active directory

Multi factor authentication is two step verification process. First is something you know (like password or key) and second is something you possess (like OTP or biometric authentication such as finger print). These two step verification has become the new norm and has strengthen the user account immensely.

10. How to enable MFA in using azure portal

For MFA you need to have azure active directory premium license. An admin can go to conditional access screen from there you can enable the MFA for user as per the business need.

11. What is dynamic groups in azure ad

As the name suggest dynamic groups are dynamic in nature, and users from it will be automatically add and remove from groups. Automatically rule will be run on user attribute, if that condition satisfy user will be kept in the group otherwise removed.

12. What is Conditional Access?

Conditional Access policies at their simplest are if-then statements, if a user wants to access a resource, then they must complete an action. Example: A payroll manager wants to access the payroll application and is required to perform multi-factor authentication to access it.

13. Can user outside the organization access the azure resources ?

Yes outside user can access the azure resources by inviting them as guest user under B2B collaboration.

14. What is risk detection in the azure

Identifying the suspicious activity against the user account is termed as risk detection in azure. Its a part of the azure identity protection.

15. What are the different Azure AD licenses ?

  • Azure Active Directory Free
  • Azure Active Directory Premium P1
  • Azure Active Directory Premium P2
  • “Pay as you go” feature licenses

16. What are the fetaures of Azure AD Free License

  • Users and Group Management
  • Sync on-premises identities to azure ad
  • Password self service
  • Single sign on  (Only for cloud services)

17. What are the main features of Azure Active Directory Premium P1

  •           All the features of Free tire
  •           Hybrid user single sign on  (on-premises and cloud both)
  •           Self service password for on premises user as well
  •           Dynamic group management
  •           Microsoft Identity Manager

18. What are the main features of Azure Active Directory Premium P2

  •  All the features of free tire and P1
  • Azure AD  Identity Protection
  • Risk based conditional access (like not allowed user to login from certain low secure locations)
  • Provide Just in time access

19. Do you think Azure AD is Free

All the licenses user of Microsoft Online business service like Microsoft 365 , Microsoft Azure gets the Azure AD  free features by default. However there are certain extra features of azure ad you can get it by upgrading to paid version of azure ad.

20. How to connect to azure active through powershell

You need to have permission to connect to azure ad. Once you have you use below command to connect to azure ad.


21. what is azure ad connect

Microsoft azure ad connect is tool needed for connecting the on-premises identity infrastructure to azure ad. Using the azure ad connect helps the tenant to connect to local directories.

22. What is tenant id

In azure active directory we have tenant i.e. the organization representation. Every tenant is assigned a unique id known as tenant id.

23. If we have 1000 users to add in to azure active directory how can I do that in efficient way.

In azure ad we have bulk user creation facility available. We can cerate the user in bulk by putting the user in CSV file and upload the same csv file using the bulk user creation functionality.

24. Can we set default password for the first time user in azure ad

Yes you can set the default login password for the user.

25. What is default domain for the azure ad tenant

Default domain is onmicrosoft.com you can change it by providing the custom domain.

Deepak Goyal

<b>Deepak Goyal is certified Azure Cloud Solution Architect. </b>He is having around decade and half experience in designing, developing and managing enterprise cloud solutions. He is also Big data certified professional and passionate cloud advocate.

Leave a Reply

Your email address will not be published. Required fields are marked *