As we help organizations embrace Hybrid Identity, we often encounter politics or standards that dictate that we take baby steps.

I fully agree with taking the smallest steps possible, for it keeps roll-back steps small and useful, too. However, Azure Active Directory, currently, is not a cloud service you can enable without some default functionality.

When you synchronize an on-premises Active Directory Domain Services environment with Azure AD, you’re getting quite a lot of functionality, that you might not want people in the organization to see:

Most prominently, by default, the Office 365 Portal shows links to:

• The Store App through the Add-In tile, underneath Apps and the Add-In tile in the Office 365 Waffle menu.
• Download and install Office Professional Plus, through the Install Office button.

When we demo Hybrid Identity, we often create the cleanest possible MyApps and Office 365 Portal experience, showing that while we’ve created the identity bridge, no functionality is enabled on the other side:

Note:
One of the other tricks we pull is to customize the branding of the MyApps portal and the Office portal through Azure Active Directory. Although the portals are empty, at least people will feel right at home!

Let me show you how to do that:

Download your apps

Get rid of the Download your apps link:

• Sign into the Admin Portal using an account with global admin / company admin privileges in the Azure Active Directory tenant. Perform multi-factor authentication and/or the steps to attain your privileges through Azure AD Privileged Identity Management (PIM) when this is required.
• In the right pane, expand Settings.
• Underneath Settings, click Services & add-ins.
• In the main pane, from the list of services and add-ins, click on Office software download settings.
• In the settings pane that appears on the right, make these two changes:

• Underneath Software for PC and mobile devices, select Off for All PC and mobile devices.
• Underneath Software for Mac, select Off for All apps for Mac.
• Click Save.
• Sign out, when done.

Store

Get rid of the Store link:

• Sign into the Admin Portal using an account with global admin / company admin privileges in the Azure Active Directory tenant. Perform multi-factor authentication and/or the steps to attain your privileges through Azure AD Privileged Identity Management (PIM) when this is required.
• In the right pane, expand Settings.
• Underneath Settings, click Services &
  add-ins.
• In the main pane, from the list of services and add-ins, click on User owned Apps and Services.

• In the settings pane that appears on the right, select
  Off for Let people in your organization go to the Office Store.
• Click Save.
• Sign out, when done.

Concluding

In large organizations and multinationals, every change is often a journey. Start your Hybrid Identity cloud journey with a plan. When you demo Hybrid Identity, make sure the MyApps and Office Portal experience is as clean as a whistle. Then, later on, add the functionality the organization asks for.

The post Creating a clean MyApps and Office Portal Experience appeared first on The things that are better left unspoken.