Mar 04 2019
- last edited on
Jul 27 2020
One of our customer raised the below query:
If they switch the tenant over to modern auth what happens with:
• New apps that try modern auth first
Their assumption is that these will just switch over to modern auth seamlessly (or invoke MFA, CA, etc)
• Older apps that have modern auth ‘bolted on’ (Office 2013 with patches)
Hoping that these will also fail over seamlessly
• Even older apps that don’t know about modern auth (Office 2010)
They’d hope everything fails back to basic auth but They're assuming it will stop working?
Finally, the effects of the change on Outlook behaviour are quite important. They’ve seen Outlook pop up asking for authentication and the user name had to be entered in a specific format to continue (AZUREAD\User@Principal.Name).
They need to make this change on a few tenants and they're worried about the larger ones that have many versions of Office deployed in multiple scenarios. The more information they can get the better.
Many thanks in advance.
Mar 04 2019 06:52 AM
Enabling Modern auth does nothing with respect to other auth methods, so all clients will continue to work as before. The only difference being that any client capable of (and using) MA will show the new auth UI, or log in the user automatically, depending on the configuration of the tenant/apps.
The AzureAD\UPN format is used with devices joined to Azure AD, which by itself is a different scenario.
Mar 04 2019 07:52 AMSolution