Forum Discussion
Chris48
Aug 17, 2021, Copper Contributor
Configuring Teams for an on-premise domain without synchronizing AD with O365
I have an on-premise domain which needs to remain that way for security reasons. I am trying to propose a pilot for some of the users in that domain, and these users will have very limited internet ...
pvanberlo
Aug 17, 2021, MCT
You'll want to set up hybrid identity, which does mean you will need to synchronize user details into Azure AD, but you can then leverage ADFS for actual authentication. You do not necessarily have to sync password hashes with Azure AD for this, and you can also scope it to a subset of users in your on-premise AD.
Alternatively, you can also configure Microsoft 365 with an internet domain you own and just have people directly sign into that - which is the alternative to a hybrid identity - a cloud only identity. You do not have to do anything then, but obviously there won't be any single sign on and all those other fancy things you could have with ADFS.
- Chris48
  Aug 23, 2021, Copper Contributor
  Thanks pvanberlo. The Hybrid identity sounds the best way forward, however we would need to see if we can get accredited to do this first. Thanks for your help, Chris.