Home

Pass-through authentication is now available in Preview

Vasil Michev
MVP

"The replacement" of AD FS, at least for some scenarios, which offers the same seamless SSO experience without requiring AD FS or any (major) changes to the on-prem infrastructure is now available for testing via Preview.

 

Full news here: https://blogs.technet.microsoft.com/enterprisemobility/2016/12/07/introducing-azuread-pass-through-a...

 

Documentation is here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-aadconnect-pass-through-aut...

 

And more details are available in the Ignite session recording: https://www.youtube.com/watch?v=prOivxVbv9U

3 Replies
Highlighted

I can see the value for this.

But now we are going to have three ways of authentication in azure.

Currently we have AADconnect with password hash sync and password writeback enabled. We also have ADFS installed but not configured from AADConnect.

 

How does Pass-Through authentication fit in? Can we have all three? If you can, how is the authentication route choosen?

 

In Pass-Through authentication if there is no connection to the on-prem enviroment will the user still be able to logon or will it fail?

If there's no connection to on-prem auth will fail, same if the AADConnect server is down. That's why it's recommended to have the connector installed on another machine as well. And for fallback, you can use password sync.

 

As for fitting in, it really depends on your requirements. Most organizations want to use the same set of credentials and have seamless SSO - with PTA they can now have it without requiring AD FS. But if you do anything with claims rules or similar, you'll probably have to stick with AD FS (plus, AD FS is used for more than just O365).


@Vasil Michev wrote:

"The replacement" of AD FS, at least for some scenarios, which offers the same seamless SSO experience without requiring AD FS or any (major) changes to the on-prem infrastructure is now available for testing via Preview.

 

Full news here: https://blogs.technet.microsoft.com/enterprisemobility/2016/12/07/introducing-azuread-pass-through-a...

 

Documentation is here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-aadconnect-pass-through-aut...

 

And more details are available in the Ignite session recording: https://www.youtube.com/watch?v=prOivxVbv9U


Awesome! Excited and hopeful this resolves the issue for us :)

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
46 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies