SOLVED
Home

Is it possible to use Azure AD without internet

%3CLINGO-SUB%20id%3D%22lingo-sub-313036%22%20slang%3D%22en-US%22%3EIs%20it%20possible%20to%20use%20Azure%20AD%20without%20internet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-313036%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20Experts%3C%2FP%3E%3CP%3EMine%20is%20more%20of%20a%20business%20user%20kind%20of%20question%20and%20not%20from%20a%20technical%20question.%20We%20want%20to%20use%20some%20Access%20and%20Identity%20management%20system%20for%20our%20company%20(about%2050%20users%20and%20using%20mostly%20windows%2010).%20Recently%20we%20were%20audited%20for%20some%20compliance%20and%20the%20auditor%20recommended%20a%20Active%20Directory%20services%20where%20we%20could%20control%20the%20users%20(active%2Finactive)%20and%20have%20info%20on%20what%20softwares%20have%20been%20installed%20on%20that%20machine.%20They%20also%20recommended%20we%20can%20use%20Azure%20AD.%20We%20tried%20with%20the%20Free%20version%20and%20it%20works%20when%20the%20PC%2Flaptop%20is%20connected%20to%20internet.%20When%20its%20not%20connected%2C%20the%20users%20are%20not%20able%20to%20logon.%20Before%20investing%20or%20investigating%20further%20I%20want%20to%20check%20if%20it%20is%20possible%20to%20have%20Azure%20AD%20work%20without%20internet%2C%20ie%20can%20the%20users%20login%20to%20their%20machines%20even%20if%20it%20not%20connected%20to%20internet.%20Any%20help%20is%20appreciated.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-313036%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Active%20Directory%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-313889%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20it%20possible%20to%20use%20Azure%20AD%20without%20internet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-313889%22%20slang%3D%22en-US%22%3EI%20am%20sure%20that%20you%20can't%20able%20login%20after%20federation%20service%20(AD-FS%20between%20Azure%20AD%20and%20Domain%20Joined%20Computer%20through%20internet)%20connectivity%20restored%20between%20Azure%20AD%20with%20domain%20joined%20computer.%3CBR%20%2F%3E%3CBR%20%2F%3EThanks%3CBR%20%2F%3EVinoth%20K%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-313223%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20it%20possible%20to%20use%20Azure%20AD%20without%20internet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-313223%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EThanks%20a%20lot%20Bert%20for%20your%20quick%20reply.%20One%20more%20question%2C%20when%20we%20delete%20the%20user%20in%20AD%20Azure%2C%20the%20user%20is%20still%20able%20to%20login%20using%20the%20old%20credentials.%20The%20user%20is%20connected%20to%20internet%20and%20we%20believe%20the%20event%20of%20deleting%20the%20user%20has%20not%20synced%2Fbroadcast-ed.%20Any%20thoughts%20on%20this%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EAnand%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-313218%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20it%20possible%20to%20use%20Azure%20AD%20without%20internet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-313218%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20a%20lot%20Bert%20for%20your%20quick%20reply.%20One%20more%20question%2C%20when%20we%20delete%20the%20user%20in%20AD%20Azure%2C%20the%20user%20is%20still%20able%20to%20login%20using%20the%20old%20credentials.%20The%20user%20is%20connected%20to%20internet%20and%20we%20believe%20the%20event%20of%20deleting%20the%20user%20has%20not%20synced%2Fbroadcast-ed.%20Any%20thoughts%20on%20this%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3EAnand%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-313171%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20it%20possible%20to%20use%20Azure%20AD%20without%20internet%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-313171%22%20slang%3D%22en-US%22%3EHi%20Anand%2C%20By%20design%20this%20should%20work%20with%20cached%20credentials%2C%20so%20once%20a%20machine%20is%20Azure%20AD%20joined%20and%20the%20user%20on%20the%20device%20successfully%20logged%20on%20to%20the%20device%2C%20you%20could%20disable%20the%20network%20connection%20and%20logon%20again.%20Even%20without%20a%20connection%20to%20Azure%20AD.%3C%2FLINGO-BODY%3E
anand_s
New Contributor

Hello Experts

Mine is more of a business user kind of question and not from a technical question. We want to use some Access and Identity management system for our company (about 50 users and using mostly windows 10). Recently we were audited for some compliance and the auditor recommended a Active Directory services where we could control the users (active/inactive) and have info on what softwares have been installed on that machine. They also recommended we can use Azure AD. We tried with the Free version and it works when the PC/laptop is connected to internet. When its not connected, the users are not able to logon. Before investing or investigating further I want to check if it is possible to have Azure AD work without internet, ie can the users login to their machines even if it not connected to internet. Any help is appreciated. 

4 Replies
Solution
Hi Anand, By design this should work with cached credentials, so once a machine is Azure AD joined and the user on the device successfully logged on to the device, you could disable the network connection and logon again. Even without a connection to Azure AD.

Thanks a lot Bert for your quick reply. One more question, when we delete the user in AD Azure, the user is still able to login using the old credentials. The user is connected to internet and we believe the event of deleting the user has not synced/broadcast-ed. Any thoughts on this?

 

Thanks

Anand

Thanks a lot Bert for your quick reply. One more question, when we delete the user in AD Azure, the user is still able to login using the old credentials. The user is connected to internet and we believe the event of deleting the user has not synced/broadcast-ed. Any thoughts on this?

 

Thanks

Anand

I am sure that you can't able login after federation service (AD-FS between Azure AD and Domain Joined Computer through internet) connectivity restored between Azure AD with domain joined computer.

Thanks
Vinoth K
Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
50 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
32 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
15 Replies
Dev channel update to 80.0.355.1 is live
josh_bodner in Discussions on
67 Replies