When you sign up with a Windows Azure account, by default it creates an instance of Active Directory that resides in Windows Azure only called Windows Azure Active Directory (WAAD). This is the same exact infrastructure that underlies Office 365. This blog post describes how to change Azure to leverage your existing Office 365 WAAD Instance. You can then take advantage of your existing DirSync and ADFS servers to sign into the Azure Management Portal rather than using a Microsoft Account (Formerly Windows Live ID).
This is ideal for large enterprise customers who desire to have all authentication performed from Active Directory, so that if administrators leave the organization, they have one place to disable the account rather than multiple places.
For a quick 10 minute video overview of how this works, I recommend watching ”What is Windows Azure Active Directory”
The first step is to sign into the Windows Azure Management Portal:
https://manage.windowsazure.com
Then click on Active Directory from the left navigation menu, and then click Add.
You then choose ‘Use existing directory’
Then check the box ‘I am ready to be signed out now’
You will then be directed to a login page to sign in with your Office 365 organization ID (which should authenticate you with ADFS if you have that enabled).
If you are managing your Windows Azure Subscription with a Microsoft Account (Formerly Windows Live ID) rather than an Organizational ID, then you will be prompted for confirmation that you are okay granting your Microsoft Account (Formerly Windows Live ID) with Organizational Admin rights over your Office 365 directory.
The next step is to click on the Settings icon on the left navigation pane in the Azure Management Portal.
Then click on the subscription you want to change the directory to the new o365 WAAD directory.
You can then change the directory
Note: The behavior of this screen is a little different than what you may expect. For example, in the drop-down box I was expecting to see a list of all my directories and then I could select the one I wanted. Instead, it assumes you don’t want to select your existing directory and so that option won’t be listed.
Adding an Administrator
Adding an administrator is the same as before but now you have the option of selecting the Organizational ID as an option.
That’s it – you can now sign in using ADFS to manage Azure.