In this 20-video course, discover how to apply knowledge of Azure Active Directory (AD) objects, settings, and role-based access control (RBAC) role assignments to address business needs, in preparation for AZ-301: Microsoft Azure Architect Design certification exam. Begin with a look at Azure AD and identity management planning, then recall various strategies for applying access control. Create a new Azure AD tenant, and Azure AD users and groups using the portal and PowerShell. Use command-line interface (CLI) to create an Azure AD user and join a Windows 10 device to Azure AD. Define how RBAC is used in Azure; assign built-in RBAC roles at different scopes; create deny RBAC assignments; and create a custom RBAC role with CLI. Then assign a custom RBAC role, and use PowerShell to remove a custom RBAC role and a RBAC role assignment. Enable self-service password reset and self-service group management to reduce the help desk burden; create an Azure AD enterprise application configuration, and audit Azure AD and sign-in logs. The exercise involves designing Azure AD and RBAC.