Can't recommend these webinars enough. A few tips to help customers with their ADFS to Azure AD migrations:
Migration of applications and user authentication from ADFS to Azure AD doesn't have to be a big-bang event. Think of it like crawl, walk, run... Here's how you can apply crawl, walk, run to both application and user authentication migration:
Application Migration:
- Crawl: Clone all your ADFS application registrations from ADFS into Azure AD. This doesn't mean the applications are fully migrated yet. You can now "cut over" individual applications one by one, meaning you reconfigure an application to start using Azure AD. You can do this on your own schedule over the course of weeks or months.
- Walk: As your confidence builds in the migration process, you'll have a playbook that will enable you to move a little faster.
- Run: Eventually, you'll understand the process so well that you'll feel confident enough to move several applications at once, until all applications are using Azure AD.
User Authentication Migration:
- Crawl: If you want to test user authentication migration without using Staged Rollout or flipping any federated domains to managed, you can enroll some users into Azure AD Passwordless, Hybrid Azure AD Join, or Azure AD Join to bypass ADFS authentication. Test the user experience and get feedback to find out what works well or what could be improved.
- Walk: Use Staged Rollout to start migrating groups of users to Azure AD authentication. Since you already tested native Azure AD auth during the prior phase, this rollout should be smooth.
- Run: Now you're ready to migrate everyone over to Azure AD authentication by flipping their domain from federated to managed.