Currently we have hybrid Exchange (Exchange 2010), Skype for Business (Lync 2013), Azure AD Connect w/ password sync, and ADFS V2.1.
From a user experience, if the user is off prem and not on VPN, when they hit an O365 webpage it asks for their UPN, then redirects to the ADFS proxy site, which they must log on to, then they can access O365 resources.
My understanding is that if we used Azure AD with password sync, on the first O365 page they hit they would enter both UPN and password, then go directly to the O365 resource, cutting down on a perceived double step.
If this is all correct, what is the downside of using Azure AD for authentication? Any issues with the hybrid configs? Can we still get 'pass-through' when on prem and connected to the domain controllers from a workstation? Does it require the paid version of Azure AD?
@Jason Benway Also, I have tried this with my already deployed Windows 10 domain-joined machines: add them to Azure AD for seamless authentication for on-prem and cloud resources with SSO. When I join my Win 10 machine to Azure AD, accessing any O365 does not even require any username or password - logs you in straight.