Forum Discussion
Solved
Azure AD test tenant
Hello Community, I'm stating this discussion because I likely wanted your input regarding the best way to build a test tenant in Azure. We have a Prod tenant and for some feature testing or some wi...
- What I did is set up a parallel AD domain using our as-built documentation and then registered a new domain name used exclusively for this project. Then I created an Azure tenant with a pay-as-you-go subscription linked to a credit card. Then I used Azure AD Connect to connect the test domain with the test tenant. The AD DS domain is on a completely separate VLAN and the test tenant is completely separate from our production tenant.
What this does is keep the production environment completely separate from the test environment. I can try new things on the test domain and have a pretty good idea about how it's going to affect the production environment. The best part about this is that I can experiment with new services to deeply understand them before presenting them as potential projects. The idea is to be very thorough and build a deep understanding of a service before anyone else in the company (or our team) puts time into it.
Yes, having a separate test tenant can be useful for testing changes and new features before deploying them to production. To create a test tenant that is similar to your production tenant, you will need to set up a separate Azure AD tenant and configure it to match your production tenant as closely as possible. Here are some recommended steps to create a test tenant:
Create a separate Azure AD tenant: To create a separate Azure AD tenant, go to the Azure Portal and select the "Azure Active Directory" section. From there, you can create a new tenant by selecting "Create a tenant" and following the prompts to create a new tenant.
Configure the test tenant to match the production tenant: To make the test tenant similar to your production tenant, you will need to configure it with the same settings, policies, and permissions. This includes creating the same users and groups and configuring the same Azure AD Connect settings to sync the same users from your on-premises Active Directory. You can use Azure AD PowerShell or Azure AD Graph API to automate the creation of users, groups, and policies in the test tenant.
Here are some recommended steps to configure the test tenant:
Create the same users and groups: You can use Azure AD PowerShell or Azure AD Graph API to create the same users and groups in the test tenant as you have in your production tenant. This will ensure that the test tenant has the same user base as the production tenant.
Configure the same Azure AD Connect settings: You will need to configure Azure AD Connect to sync the same users from your on-premises Active Directory to the test tenant. This will ensure that the test tenant has the same user data as the production tenant. You can use the Azure AD Connect Configuration Wizard to configure the same settings in the test tenant.
Configure the same policies: You will need to configure the same policies in the test tenant as you have in your production tenant. This includes policies for password settings, device management, and access control. You can use Azure AD PowerShell or Azure AD Graph API to automate the creation of policies in the test tenant.
Test changes and new features in the test tenant: Once you have set up the test tenant, you can test changes and new features in the test tenant before deploying them to production. You can use the test tenant to perform functional testing, security testing, and load testing to ensure that the changes and new features work as expected.
Deploy changes and new features to production: After testing changes and new features in the test tenant, you can deploy them to production. It's important to note that any changes or new features that are deployed to production will not be reflected in the test tenant unless you manually configure them.
Keep the test tenant up-to-date: To ensure that the test tenant remains a reliable representation of the production tenant, you will need to keep it up-to-date with any changes or new features that are deployed to production. You can automate this process using Azure AD PowerShell or Azure AD Graph API to sync the changes from production to the test tenant.
Keep in mind that having a separate test tenant will incur additional costs, so you should plan and budget accordingly. Additionally, you should follow best practices for managing your test tenant, such as keeping it secure and up-to-date, to ensure that it remains an effective tool for testing changes and new features.
Create a separate Azure AD tenant: To create a separate Azure AD tenant, go to the Azure Portal and select the "Azure Active Directory" section. From there, you can create a new tenant by selecting "Create a tenant" and following the prompts to create a new tenant.
Configure the test tenant to match the production tenant: To make the test tenant similar to your production tenant, you will need to configure it with the same settings, policies, and permissions. This includes creating the same users and groups and configuring the same Azure AD Connect settings to sync the same users from your on-premises Active Directory. You can use Azure AD PowerShell or Azure AD Graph API to automate the creation of users, groups, and policies in the test tenant.
Here are some recommended steps to configure the test tenant:
Create the same users and groups: You can use Azure AD PowerShell or Azure AD Graph API to create the same users and groups in the test tenant as you have in your production tenant. This will ensure that the test tenant has the same user base as the production tenant.
Configure the same Azure AD Connect settings: You will need to configure Azure AD Connect to sync the same users from your on-premises Active Directory to the test tenant. This will ensure that the test tenant has the same user data as the production tenant. You can use the Azure AD Connect Configuration Wizard to configure the same settings in the test tenant.
Configure the same policies: You will need to configure the same policies in the test tenant as you have in your production tenant. This includes policies for password settings, device management, and access control. You can use Azure AD PowerShell or Azure AD Graph API to automate the creation of policies in the test tenant.
Test changes and new features in the test tenant: Once you have set up the test tenant, you can test changes and new features in the test tenant before deploying them to production. You can use the test tenant to perform functional testing, security testing, and load testing to ensure that the changes and new features work as expected.
Deploy changes and new features to production: After testing changes and new features in the test tenant, you can deploy them to production. It's important to note that any changes or new features that are deployed to production will not be reflected in the test tenant unless you manually configure them.
Keep the test tenant up-to-date: To ensure that the test tenant remains a reliable representation of the production tenant, you will need to keep it up-to-date with any changes or new features that are deployed to production. You can automate this process using Azure AD PowerShell or Azure AD Graph API to sync the changes from production to the test tenant.
Keep in mind that having a separate test tenant will incur additional costs, so you should plan and budget accordingly. Additionally, you should follow best practices for managing your test tenant, such as keeping it secure and up-to-date, to ensure that it remains an effective tool for testing changes and new features.
Would we have access to our existing tenant licensing and MS Partner Benefits?
