Many of the Office 365 applications have evolved from server applications that were originally designed to run on-premises. For instance, Exchange Online evolved from Exchange Server, and SharePoint Online evolved from SharePoint Server. All these classical on-premises applications have a direct dependency on Active Directory. They simply cannot run and function without it.
Likewise, many of the Office 365 applications are also dependent on a directory service, and the service that handles this role is Azure Active Directory. In fact, Office 365 is designed to use Azure AD as its directory service, and all the users created in Office 365 are in reality also created in Azure AD, since it handles everything related to the account’s security, authentication and authorization.
In this post, we will explore a little further how users are created, managed, licensed and synchronized with an on-premises Active Directory in Office 365. Once the users are created, we will test access to some Office 365 features like Exchange Online and Skype for Business.
Creating Office 365 Users
Adding users individually
- Creating a user in Office 365 is very easy. Simply go to the Office 365 Admin Center, then click on Add a user on the Active Users pane.
- Provide the required information
- You need to assign an Office 365 license while creating the user. To proceed, click on Product licenses to assign a license for User1.
One important thing to be aware of is that if you create a user without assigning a license to it, the user will not be able to access Office 365 services. So you have to assign the license while creating any Office 365 user. You may also do it after the user is created, but remember: no access is possible until a license is assigned.
- Once you are sure about the user configuration, click on Add to create the actual user. An informative prompt will appear to confirm the user’s creation.
To check that the user has been successfully created, click on Active Users and double-click the selected user to get an overview of its properties. Note that the Sync Type is In Cloud. This means that the user has been created in Office 365, and is not an on-premises user that has been synchronized to Office 365. We will see in later posts how it is possible to synchronize domain users which already exist in the Active Directory forest to Office 365.
From there, you can change the different settings related to this user, such as the group membership, the roles assigned, mail settings, OneDrive settings, etc.
Adding several users in bulk
There is also a way to add several users in one shot in Office 365 by using a comma-delimited .csv file. You can put all your users in this file and import them from the web portal.
- To create multiple users in bulk in Office 365, click on Active Users > More > + Import multiple users.
- The .csv file needs to follow a certain syntax, but the import wizard makes it very easy by providing a sample file and a blank .csv file, which you can download by clicking on the Download links provided by the wizard.
- The downloaded .csv file contains headers and sample user information that you can use as a template to list all the users that you want to create.
- After the content of the .csv file has been changed accordingly, you just need to import it and verify whether the content of the file is correct by clicking on Verify.
- You can assign the licenses and allow or block sign-in for the users.
- Two users have been successfully created from this .csv file. Close the wizard once the users are imported.
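A pre-upload check for the import file, as an added example that is not part of the original post: it flags malformed or duplicate user names, domains outside a list you supply, and empty display names before the wizard's Verify step. The column names `User Name` and `Display Name`, the `contoso.example` domain and the sample rows are assumptions constructed for illustration; match the columns to the header row of the sample file you downloaded.

```python
import csv
import io

# Assumed column names: compare with the header row of the wizard's sample file.
REQUIRED = ("User Name", "Display Name")

# Constructed sample input; contoso.example is a placeholder tenant domain.
SAMPLE_CSV = """User Name,First Name,Last Name,Display Name,Department
user3@contoso.example,User,Three,User Three,IT
user4@contoso.example,User,Four,,Finance
User3@contoso.example,User,Three,User Three Again,IT
user5@contos0.example,User,Five,User Five,HR
user6,User,Six,User Six,HR
"""


def lint_import_csv(text, allowed_domains):
    """Return a list of (line_number, message) problems found in the CSV text."""
    reader = csv.DictReader(io.StringIO(text))
    missing = [c for c in REQUIRED if c not in (reader.fieldnames or [])]
    if missing:
        return [(1, "missing column(s): " + ", ".join(missing))]
    allowed = {d.lower() for d in allowed_domains}
    problems, seen = [], {}
    for row in reader:
        line = reader.line_num
        # Compare user names case-insensitively so User3@ and user3@ collide.
        upn = (row["User Name"] or "").strip().lower()
        local, sep, domain = upn.partition("@")
        if not (local and sep and domain) or "@" in domain:
            problems.append((line, f"User Name {upn!r} is not in name@domain form"))
        elif domain not in allowed:
            # Catches typos such as contos0 that would fail or land elsewhere.
            problems.append((line, f"domain {domain!r} is not in the allowed list"))
        elif upn in seen:
            problems.append((line, f"duplicate of line {seen[upn]}"))
        else:
            seen[upn] = line
        if not (row["Display Name"] or "").strip():
            problems.append((line, "Display Name is empty"))
    return problems


if __name__ == "__main__":
    for line, message in lint_import_csv(SAMPLE_CSV, ["contoso.example"]):
        print(f"line {line}: {message}")
```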
Office 365 and Azure Active Directory Relationship in Action
As mentioned before, Office 365 uses Azure Active Directory (Azure AD) as the cloud-based user identity and authentication service. All users that are created in Office 365 are in fact hosted by Azure AD. We have previously added a user called User1, so we should be able to find it in Azure AD as well.
Because Office 365 and Azure AD are tightly linked, you get access to manage the Azure AD environment when you subscribe to Office 365.
You can access Azure AD to manage your users from the Office 365 admin portal.
Azure AD provides an easy-to-use interface from which you can create and manage your Azure identities.
We can find the already created User1 in the Azure AD Users section.
Let’s create another user from this interface, by clicking on New user and providing the required information.
After creation, the Azure AD user will show up in the Office 365 users section, but this time it is unlicensed. You may go ahead and license this user to allow him to access Office 365 services.
Testing Connection to Office 365 Services
Now that both User1 and User2 are created, we will test connecting to some Office 365 services. Let’s start by logging in to the Office 365 web portal.
Office 365 will check that your username actually exists and you will be prompted to provide your password.
User1 is able to connect to the web portal. From there, they have the option to download and install the local version of Office by clicking on Install Office apps. They will also be able to access all Office 365 online services.
Let’s start by accessing Outlook Web App hosted in Exchange Online. Click on Outlook to log in to your mailbox. Provide your username and password and configure the first-time login settings. You should now be able to use your Office 365 Outlook Web App.
We will now try the collaboration service with Skype for Business. I have installed Skype for Business for Android on my smartphone and I will use User1 to log in.
In this post, we have seen how users are managed in Office 365 and how Azure AD is integrated with Office 365 to provide the back-end cloud-based authentication and authorization services. We have also done the necessary testing to ensure our Office 365 users have a seamless and painless experience while connecting to Office 365 services like Exchange Online and Skype for Business. However, the deployment reviewed here is based on cloud-only authentication, where all our users are solely created, stored and authenticated in Office 365.
While this kind of scenario might be acceptable for small companies which are not using an on-premises Active Directory and have only a small number of users authenticated by Office 365, it is not suitable for medium and large environments where an existing on-site Active Directory infrastructure is deployed, and where user management tasks are done locally. In this situation, you would need a way to replicate all your Active Directory users along with their attributes (usernames, passwords, etc.) to Office 365. This is done by the Azure AD Connect tool, and this is what we will see in the next post.
Thanks for reading. Cheers!