Microsoft AD & AAD Administrator
Years of Exp.
Active Directory Management
Azure Active Directory Administration
Identity and Access Management (IAM)
Security and Compliance
Troubleshooting and Issue Resolution
Documentation and Reporting
1. Creating, modifying, and disabling user accounts and groups in both on-premises Active Directory and Azure Active Directory environments.
2. Managing access rights by configuring permissions and security groups to ensure appropriate data access for users while maintaining security standards.
3. Configuring and maintaining authentication methods, including multi-factor authentication (MFA) and Single Sign-On (SSO) solutions for improved user access and security.
4. Designing, implementing, and troubleshooting Group Policy Objects (GPOs) to enforce security policies, software deployment, and configuration settings across the AD infrastructure.
5. Setting up and managing directory synchronization between on-premises Active Directory and Azure Active Directory using tools like Azure AD Connect to ensure consistent user identities.
6. Identifying and resolving issues related to user authentication, directory synchronization, access rights, and other AD/AAD-related problems in a timely manner.
7. Managing DNS records and ensuring proper DNS resolution for Active Directory and Azure AD services to maintain optimal network performance and reliability.
8. Integrating applications with Azure AD for Single Sign-On and managing application registrations to enhance user productivity and security.
9. Implementing and managing identity governance solutions to enforce compliance, role-based access control, and periodic access reviews for users.
10. Developing and implementing strategies for backing up and restoring Active Directory data, including both on-premises and cloud-based components, to ensure business continuity.
Microsoft AD & AAD Consolidation
1. Assessment and Planning: Collaborated with the L3 Administrator to assess the existing Active Directory (AD) and Azure Active Directory (AAD) environments for consolidation opportunities.
2. Directory Synchronization: Configured and implemented Azure AD Connect to establish seamless synchronization between on-premises AD and AAD, ensuring consistent identity management.
3. User and Group Migration: Orchestrated the migration of users and groups from on-premises AD to AAD, ensuring minimal disruption and preserving access controls.
4. Single Sign-On (SSO): Designed and configured SSO solutions, enabling users to access cloud resources with their on-premises credentials, enhancing user experience.
5. Authentication Modernization: Collaborated with application teams to integrate modern authentication methods like OAuth and OpenID Connect, improving security and user convenience.
6. Multi-Factor Authentication (MFA): Implemented MFA for both on-premises and cloud applications to bolster security and protect against unauthorized access.
7. Group Policy Alignment: Streamlined group policy management by mapping on-premises policies to equivalent settings in AAD, maintaining consistency across environments.
8. Application Integration: Worked with developers to integrate applications with AAD using Azure AD App Registrations, enabling centralized identity management and access control.
9. Monitoring and Reporting: Set up monitoring for authentication events, directory synchronization status, and user activity, ensuring proactive issue resolution.
10. Documentation and Training: Prepared documentation for the consolidated environment and conducted training sessions to familiarize IT teams with the new architecture. The project resulted in a 30% increase in cross-team collaboration and operational efficiency, positioning the company for future growth.
Privileged Identity Management Enhancement
1. PIM Assessment: Collaborated with the L3 Administrator to evaluate the existing Privileged Identity Management (PIM) configuration and identify areas for improvement.
2. Role Refinement: Analysed and optimized the roles defined in PIM to align with the principle of least privilege, reducing excessive access permissions.
3. Approval Workflows: Designed and implemented approval workflows for elevation of privileged roles, ensuring proper oversight and accountability.
4. Time-bound Access: Configured time-bound access for privileged roles, enforcing temporary elevation and minimizing the exposure of sensitive permissions.
5. Just-in-Time Access: Enabled just-in-time (JIT) access to privileged roles, granting temporary access only when needed, further enhancing security.
6. Auditing and Reporting: Set up auditing mechanisms to track and log all PIM activity, providing visibility into role assignments, approvals, and usage.
7. Escalation Processes: Defined escalation procedures for emergency situations, ensuring timely access to privileged roles under controlled circumstances.
8. Continuous Review: Established regular reviews of privileged roles, role assignments, and usage patterns to adapt to changing organizational needs.
9. Integration with SIEM: Integrated PIM activity logs with the Security Information and Event Management (SIEM) system for centralized threat detection and response.
10. User Education: Conducted training sessions to educate users about the importance of PIM, the proper use of privileged roles, and adherence to security best practices.
BCOM In - Savitribai Phule Pune University
Microsoft Certified: Azure Administrator Associate
Microsoft 365 Certified: Security Administrator Associate