Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

Archive for the ‘Pass Through Authentication’ Category

(2016-12-10) Azure AD Pass-Through Authentication (PTA) Hits The Public Preview Shelves

Posted by Jorge on 2016-12-10


In addition to:

….Microsoft now also provides Directory Sync and Pass Through Authentication as a new authentication mechanism against Azure AD

For both “Directory Sync and Password Has Sync” and “Directory Sync and Pass Through Authentication” Microsoft now also supports seamless SSO!

At this point in time you can only use one of the authentication mechanisms mention above for any give domain in Azure AD

This new cool feature, “Directory Sync and Pass Through Authentication”, especially for those companies that do not want to have the passwords in Azure AD and do not have or do not want to have ADFS or any other federation system . This saves you from deploying an ADFS infrastructure and a WAP infrastructure. This new feature may be really of interest for small to medium companies. I expect that large organizations or enterprises have some kinds of federation infrastructure.

Remember that you may still need a federation infrastructure when:

  • you need to access resources at some other partner
  • some other partner needs to access resources within your company
  • you are using other SaaS solutions not (yet) supported by Azure AD for which you require federated SSO

One important feature currently not (yet?) supported by PTA, is something similar to Extranet Account Lockout in ADFS. Extranet Account Lockout is basically a soft lockout that prevents attacks from the outside to lock your on-premises AD account

Read more about this announcement here

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER:
https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
#########
http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

Advertisements

Posted in Pass Through Authentication, Windows Azure Active Directory | Leave a Comment »

 
%d bloggers like this: