Centralize all auth in the cloud

Good morning everyone, and thanks in advance for the help.

I have a client with a need and little knowledge on my part :)

In a Hybrid Exchange environment with on-premises mailboxes and others in O365, the customer plans to hybridize all identity management in Azure to respond to customers that never connect to AD on premises.

The idea would be to have the entire directory synchronized in Azure, so that all authentication is managed by the cloud, and thus be able to have computers in the domain, for example, without the need for a VPN to the on-premises environment.

It would also be interesting to have SSO functionality like OAuth to extend the concept of AD SSO to their own applications.

That is, they want "all identity management" to be done in the cloud.

Being a hybrid Exchange environment, they are afraid of how to make the change.

Can you think of, not the way (we have already investigated that), but the solution they need?

ADFS? AD P1?

Thanks!!!

1 Reply
For domain-joined computers, identities need to be in the domain as well.
If you want, you could look into Azure AD joining machines; then you don't need to have on-prem accounts.

For your SSO, have you looked into application proxies?