Dutch Version
Dutch Version

Microsoft Identity Masterclass

* Online only *

October 24 – 28, 9AM – 5PM

5-day Hands-on Microsoft Identity Masterclass by John Craddock

Come to this Masterclass written and delivered by John Craddock. Discover how the identity solutions offered by Azure Active Directory, on-premises AD FS and AD will help you build identity systems for the future using protocols that include OpenID Connect and OAuth 2.0. In this Masterclass you will learn how to authenticate and provide authorization factors to applications that can be located on-premises or in the cloud. The source of identity of the users can be from your own corporate network, your Azure AD domain, a partner organization and/or a social identity provider such as Facebook or Google.

The class provides detailed learning through the extensive use of hands-on labs. Attendees will not only learn the fundamentals and principles, but also learn how to deploy and troubleshoot the solutions. In depth learning will be gained through the use of tools, such as Fiddler, to analyze and understand the protocol flows.

Who is this masterclass for?

The Masterclass is primarily aimed at IT professionals. However, application developers who are tasked with integrating authentication and authorization by using Microsoft Azure and/or on-premises AD FS will greatly benefit from the detailed coverage. Code development is not included in the class, but you will learn about all of the configuration requirements.

What to expect?

The Masterclass is a high-energy, action packed event, crammed with solid information and tips. During these 5 days, John Craddock will help you extend your knowledge and consolidate your new skills with over 35 hands-on labs.


  • Cost: € 4.250,- excl. VAT per participant
  • This master class is online
  • The working language during the master class is English
  • If you use more than two participants from one organization want to enroll, if your organization wants multiple co-workers to attend this Materclass at the same time, please contact us. There is a limited number of places available

About John Craddock

John is a Microsoft MVP and has designed and implemented computing systems ranging from high-speed industrial controllers through to distributed IT systems. A key player in many IT projects for industry leaders including Microsoft, the UK Government and multi-nationals. Developed technical training courses and presents regularly at major international conferences including, TechEd, ITForum and European summits. John is passionate about communicating tough technical content in an engaging and highly consumable format.

Day Programs

Day 1

After a comprehensive introduction to today’s identity challenges and solutions you will learn the details of the authentication protocols. This in depth coverage of the protocols will allow you to troubleshoot any problems you may encounter when deploying solutions.

Day 1 hands-on labs:

  • Creating an Azure Active Directory
  • Installing and using Fiddler
  • Enabling Kerberos on a website
  • Tracing the WS-federation protocol
  • Investigating OpenID Connect

Day 2

After completing our investigation of the protocols, you will learn how to configure the Azure Active Directory to meet your needs. You will discover how Azure AD Identity Protection and Privileged Identity Management enhances security for your Azure AD tenant. Through synchronizing users from an on-premises AD, you will discover how SaaS applications can be made available to on-premises and cloud users. You will see the options for configuring password synchronization and Pass-through authentication.

Day 2 hands-on labs:

  • Adding custom domains to Azure AD
  • Self-service password resets
  • Enabling Multi-Factor Authentication
  • Role based access control
  • Branding your portal
  • Managing Azure AD with PowerShell
  • Installing and configuring synchronization with Azure AD Connect
  • Investigating pass-through authentication

Day 3

You will start the day deploying a SaaS app to your users and configuring groups, self-service group management, and self-service application management. You will then deploy your own applications into Azure AD using both WS-Federation and OpenID Connect / Oauth2.0. You will then Finally, you will learn about managing permissions, roles, groups, delegation and consent.

Day 3 hands-on labs:

  • Groups and self-service group management
  • Self-service application access and delegation
  • Configuring a WS-Federation App with Azure AD
  • Managing permission roles and groups
  • Defining WebAPI permissions
  • Investigating content
  • Multi-tenant applications

Day 4

The day starts with you working with the Azure AD Application Proxy to publish applications to the Internet. After installing/configuring AD FS and the Web Application Proxy on Server 2016, you will learn about the options for enabling federated SSO with the on-premises AD. After configuring Federated SSO, you will install and configure an OpenID Connect / OAuth 2.0 application to work with AD FS.

Day 4 hands-on labs:

  • Publishing a claims-aware application with the Azure AD application proxy
  • Publishing an application using Windows Authentication via Kerberos Constrained Delegation
  • Installing AD FS and the WAP
  • Enabling Federated SSO
  • Installing and configuring an OpenID Connect app on ADFS
  • Managing claims ADFS claims rules

Day 5

The day starts looking at device registration and conditional access for both Azure AD and AD FS. We will look at the elimination of passwords using Windows Hello. We will then stretch our boundaries and see how Azure AD can open access to consumers (B2C) and businesses (B2B).

Day 5 hands-on labs:

  • Installing AD FS and the WAP
  • Enabling Federated SSO
  • Installing and configuring an OpenID Connect app on ADFS
  • Creating a B2C directory
  • Multi-tenant versus federated applications

Bring your own device

To be able to perform the hands-on labs during the masterclass it is necessary to bring your own laptop. Without a laptop it is not possible to attend this masterclass. The hands-on labs run in a lab environment. In addition, the students themselves must have a Microsoft Azure subscription available for the different scenarios presented. Full details regarding the preparation will be shared with you before the start of the masterclass.

Masterclass materials

You will receive a hard copy of the hands-on manual. Both the hands-on manual and slides will be available in pdf format. At the end of the course, after completing an evaluation, you will receive a link to a build guide, which details how to setup the hands-on virtual environments, and copies of all the scripts and demo websites.