SOLVED
Home

AD+ADFS+AAD

%3CLINGO-SUB%20id%3D%22lingo-sub-167692%22%20slang%3D%22en-US%22%3EAD%2BADFS%2BAAD%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-167692%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECan%20anyone%20enlighten%20me%20about%20AD%2C%20ADFS%20%26amp%3B%20AAD%20-%20and%20how%20you%20have%20%22moved%22%20your%20users%20into%20O365%3F%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHave%20you%20synced%20all%20accounts%20from%20AD%20to%20AAD%20-%20or%20have%20you%20%22prepared%22%20the%20users%20first%20in%20AD%20e.g.%20by%20setting%20a%20extension%20attribute%20and%20then%20on%20ADFS%20configured%20a%20filter%20so%20only%20these%20users%20gets%20into%20the%20AAD%20-%20or%3F%26nbsp%3B%20%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-167692%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAAD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eadfs%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-167712%22%20slang%3D%22en-US%22%3ERe%3A%20AD%2BADFS%2BAAD%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-167712%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20really%20depends%20on%20what%20you%20are%20trying%20to%20achieve%2C%20if%20you'd%20like%20some%20consensus%20on%20how%20it's%20done%20generally%2C%20this%20is%20a%20great%20article%20if%20you%20haven't%20seen%20it%20already%20-%20%3CA%20href%3D%22https%3A%2F%2Fcloudblogs.microsoft.com%2Fenterprisemobility%2F2017%2F11%2F13%2Fhow-organizations-are-connecting-their-on-premises-identities-to-azure-ad%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EHow%20organizations%20are%20connecting%20their%20on-premises%20identities%20to%20Azure%20AD%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-pass-through-authentication%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20AD%20Pass-Through%20Authentication%3C%2FA%3E%20is%20a%20phenomenal%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-user-signin%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Esign-in%20option%3C%2FA%3E%20along%20with%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-sso%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3ESeamless%20Single%20Sign-On%3C%2FA%3E%2C%20offering%20many%20of%20what%20were%20traditionally%26nbsp%3Bonly%20available%20with%20AD%20FS%20and%20without%20the%20infrastructure%20downsides.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWIth%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnectsync-configure-filtering%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20AD%20Connect%20filtering%20options%3C%2FA%3E%2C%20there%20is%20a%20lot%20of%20scope%20to%20onboard%20in%20whatever%20way%20works%20for%20a%20given%20situation.%20These%20include%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnectsync-configure-filtering%23group-based-filtering%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EGroup-based%20filtering%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-get-started-custom%23domain-and-ou-filtering%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EDomain%20and%20OU%20filtering%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Taen keren
Super Contributor

Hi 

 

Can anyone enlighten me about AD, ADFS & AAD - and how you have "moved" your users into O365? 

 

Have you synced all accounts from AD to AAD - or have you "prepared" the users first in AD e.g. by setting a extension attribute and then on ADFS configured a filter so only these users gets into the AAD - or?   

1 Reply
Highlighted
Solution

It really depends on what you are trying to achieve, if you'd like some consensus on how it's done generally, this is a great article if you haven't seen it already - How organizations are connecting their on-premises identities to Azure AD.

 

Azure AD Pass-Through Authentication is a phenomenal sign-in option along with Seamless Single Sign-On, offering many of what were traditionally only available with AD FS and without the infrastructure downsides. 

 

WIth the Azure AD Connect filtering options, there is a lot of scope to onboard in whatever way works for a given situation. These include Group-based filtering and Domain and OU filtering.

Related Conversations
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
22 Replies
flashing a white screen while open new tab
cntvertex in Discussions on
13 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
28 Replies
PacketMon Components are not loading in WAC 1909
HotCakeX in Windows Admin Center on
2 Replies