
Commit 913b82d

authored
Merge pull request #98914 from KeithBrewer-MSFT/patch-1
Update memo-22-09-enterprise-wide-identity-management-system.md
2 parents d36f120 + 907462d commit 913b82d

1 file changed

+7
-3
lines changed

articles/active-directory/standards/memo-22-09-enterprise-wide-identity-management-system.md

Lines changed: 7 additions & 3 deletions
@@ -33,18 +33,20 @@ Memorandum 22-09 requires agencies to develop a plan to consolidate their identi
3333

3434
## Why Azure Active Directory?
3535

36-
Azure Active Directory (Azure AD) provides the capabilities necessary to implement the recommendations from memorandum 22-09. It also provides broad identity controls that support Zero Trust initiatives. If your agency uses Microsoft Office 365, you already have an Azure AD back end to which you can consolidate.
36+
Azure Active Directory (Azure AD) provides the capabilities necessary to implement the recommendations from memorandum 22-09. It also provides broad identity controls that support Zero Trust initiatives. Today, If your agency uses Microsoft Office 365 or Azure, you already have Azure AD as an identity provider (IdP) and you can connect your applications and resources to Azure AD as your enterprise-wide identity system.
3737

3838
## Single sign-on requirements
3939

4040
The memo requires that users sign in once and then directly access applications. Microsoft's robust single sign-on (SSO) capabilities enable users to sign in once and then access cloud and other applications. For more information, see [Azure Active Directory single sign-on](../hybrid/how-to-connect-sso.md).
4141

4242
## Integration across agencies
4343

44-
[Azure AD B2B collaboration](../external-identities/what-is-b2b.md) helps you meet the requirement to facilitate integration among agencies. It does this by:
44+
[Azure AD B2B collaboration](../external-identities/what-is-b2b.md) helps you meet the requirement to facilitate integration/collaboration among agencies. Whether the users reside in different Microsoft tenant in the same cloud, [tenant on another microsoft cloud](../external-identities/b2b-government-national-clouds.md), or a [non Azure AD tenant (SAML/WS-Fed identity provider)](..//external-identities/direct-federation.md).
45+
46+
Azure AD cross-tenant access settings allow agencies to manage how they collaborate with other Azure AD organizations and other Microsoft Azure clouds. It does this by:
4547

4648
- Limiting what other Microsoft tenants your users can access.
47-
- Enabling you to allow access to users whom you don't have to manage in your own tenant, but whom you can subject to your multifactor authentication (MFA) and other access requirements.
49+
- Granular settings to control access for external users including enforcement of multifactor authentication (MFA) and device signal.
4850

4951
## Connecting applications
5052
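Review bot: The third link in the added B2B paragraph has a doubled slash, `..//external-identities/direct-federation.md`, while the two links before it use `../external-identities/...`; normalize it to a single slash so the path resolves the same way as its neighbors. The sentence carrying those links ("Whether the users reside in ...") is a fragment with no main clause and should be joined to the sentence before it; "different Microsoft tenant" needs an article or a plural, and "microsoft cloud" should be capitalized. In the first added paragraph, "Today, If your agency" has a stray capital. The new lead-in moves from the plural "cross-tenant access settings allow" to "It does this by:", and the replacement bullet "Granular settings to control access ..." no longer parallels "Limiting what other Microsoft tenants ..."; it also drops the removed bullet's point about users you don't have to manage in your own tenant, so please confirm that omission is intended.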

@@ -119,6 +121,8 @@ Devices integrated with Azure AD can be either [hybrid joined devices](../device
119121

120122
* [Azure Linux virtual machines](../devices/howto-vm-sign-in-azure-ad-linux.md)
121123

124+
* [Azure Virtual Desktop](https://learn.microsoft.com/azure/architecture/example-scenario/wvd/azure-virtual-desktop-azure-active-directory-join)
125+
122126
* [Virtual desktop infrastructure](../devices/howto-device-identity-virtual-desktop-infrastructure.md)
123127

124128
## Next steps
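
Review bot: The added Azure Virtual Desktop entry links to an absolute `https://learn.microsoft.com/azure/architecture/...` URL, while every neighboring item in this list uses a relative `../devices/...` path. Since the target is in a different doc set, a relative path may not be possible, but please check the repository's link conventions and use a site-relative path (without the host name) if that is what they call for. The target is also an architecture example scenario rather than a device how-to like the adjacent entries, so confirm it is the intended destination for this list.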
