Forum Discussion
AAD Connect + Ping Federate
- Apr 25, 2017
I would recommend connecting with the Ping Identity sales team. Ping Access is not seen as an upgrade to, or a substitute for, Ping Federate - they play different roles in your access strategy, but it would be wrong of me to try and explain that.
In Azure AD there is one component that does all the authentication, federation and SSO capabilities, similar to what Ping Fed/ADFS do on premises, and then the Application Proxy is about taking an internal web application and making it available to end users who are outside the network.
Brjann
Hi Jerry,
When you replaced ADFS with Ping Federate as you described, could you tell me what basic steps were involved? Can you have O365 and Azure AD Connect connected to both ADFS and Ping Federate at the same time to minimize downtime? We are looking to accomplish this but cannot find any good migration documentation for it. Ideally, we would like to integrate our O365 with Ping Federate (while still federating with ADFS), and then disable the ADFS portion. That is probably not possible but would be ideal.
Thanks,
Kevin C.
You are correct - a domain in Azure AD can't be federated to two different federation endpoints. Perhaps an alternate way to accomplish this is to enable password hash sync and fall back to that to minimize user impact; then you can switch the federation provider and turn it back to federation (unless you see that PHS is a really good way to do auth and select to simplify your setup by removing federation altogether).
Recommend looking at the deployment guides for ADFS to PHS here: http://aka.ms/deploymentplans
Brjann