How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

BCSecA · ‎Sep 13 2023

As the title says I am attempting to utilize the "Log On To..." setting in on-premises AD

but still allow users to log onto Azure AD authenticated resources such as Office 365.

The test accounts can log into only the specified workstation when the setting is enabled. Which is the expected outcome but when this is enabled and the user attempts to log into anything that authenticates via Azure AD, the authentication fails with "Pass-through Authentication" Succeeded: "False".

This totally makes sense but I am required to lock down user account(s) to specific computers and still allow Azure AD Authentication for these same users.

Is this even possible without going through group policy which gets messy when you only want certain user accounts on certain machines.

BCSecA · ‎Sep 13 2023

Hi. Yes, you should be able to if you put the server names where the Pass through agents are installed. Hope that helps

BCSecA · ‎Sep 13 2023

Hi. Yes, you should be able to if you put the server names where the Pass through agents are installed. Hope that helps

View solution in original post

How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

Re: How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

Re: How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

Re: How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication

Re: How to use AD Log On To restriction but allow Azure AD Pass-Through Authentication