Typically purchased when free Office 365 Windows Azure Active Directory features are not sufficient.
Here are the additional features available in P2 not included in the basic Office 365 plan
Vendor code: AAD-26750
Add-ons (P2 specific)
- Vulnerabilities and risky accounts detection
- Risk events investigation
- Risk based Conditional Access policies
- Identity Governance
- Privileged Identity Management (PIM)
- Access Reviews
- Entitlement Management Preview
Add-ons (included from P1)
- Unlimited directory objects
- Password Protection (custom banned password)
- Password Protection for Windows Server Active Directory (global & custom banned password)
- Self-service password reset/change/unlock with on-premises write-back
- Microsoft Cloud App Discovery4
- Azure AD Join: MDM auto enrollment & local admin policy customization
- Azure AD Join: self-service bitlocker recovery, enterprise state roaming
- Advanced security and usage reports
- Application Proxy
- Microsoft Identity Manager user CAL5
- Connect Health6
- Dynamic groups
- Group creation permission delegation
- Group naming policy
- Group expiration
- Usage guidelines
- Default classification
- Conditional Access based on group, location, and device status
- Azure Information Protection integration
- SharePoint limited access
- Terms of Use (set up terms of use for specific access)
- Microsoft Cloud App Security integration
- 3rd party MFA partner integration Preview
- 3rd party identity governance partners integration
Features:
- Hosting for all the workloads in Microsoft Cloud in the datacenter auto selected based on your office address.
- Add-on to your Office 365 subscription
- Password Protection (custom banned password)
- Password Protection for Windows Server Active Directory (global & custom banned password)
- Self-service password reset/change/unlock with on-premises write-back
- Microsoft Cloud App Discovery4
- Azure AD Join: MDM auto enrollment & local admin policy customization
- Azure AD Join: self-service bitlocker recovery, enterprise state roaming
- Advanced security and usage reports
- Application Proxy
- Microsoft Identity Manager user CAL5
- Connect Health6
- Dynamic groups
- Group creation permission delegation
- Group naming policy
- Group expiration
- Usage guidelines
- Default classification
- Conditional Access based on group, location, and device status
- Azure Information Protection integration
- SharePoint limited access
- Terms of Use (set up terms of use for specific access)
- Microsoft Cloud App Security integration
- 3rd party MFA partner integration Preview
- 3rd party identity governance partners integration
- Vulnerabilities and risky accounts detection
- Risk events investigation
- Risk based Conditional Access policies
- Identity Governance
- Privileged Identity Management (PIM)
- Access Reviews
- Entitlement Management Preview