Introducing Azure AD Pass-Through Authentication and Seamless Single Sign-on

Now in public preview, Azure AD Pass-Through Authentication is a 3rd alternative in the options for “single sign-on” between Active Directory and Azure AD.  Designed to remove the infrastructure requirements of AD Federation Services, it provides a more seamless SSO experience than the Password Hash Sync through AAD Connect.   

 With the use of AAD Connect and a simple connector, AAD PTA relies on secure outbound communication to validate username  and password credentials against your on-premises Active Directory.  No need to sync AD passwords to AAD, nor deploy AD FS!

 https://blogs.technet.microsoft.com/enterprisemobility/2016/12/07/introducing-azuread-pass-through-authentication-and-seamless-single-sign-on/

 https://docs.microsoft.com/en-us/azure/active-directory/active-directory-aadconnect-pass-through-authentication

Comments

Post a Comment

Popular posts from this blog

Microsoft Customer Guidance for WannaCrypt Attacks

As you no doubt are aware, the WannaCrypt attacks over the last couple of weeks have been quite pervasive. Microsoft has provided some guidance on the WannaCrypt attacks that I thought you should be aware of, both for Azure as well as on-premises. https://azure.microsoft.com/en-us/blog/wannacrypt-attacks-guidance-for-azure-customers/ https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ Of note, Microsoft has released security patches for OS versions that are no longer in mainstream support, i.e. Windows XP, Windows 8 and Windows Server 2003.
Read more

ILM 2007 Certificate Management Customizations

ILM 2007, through its Certificate Management solution, or Certificate Lifecycle Manager (CLM) as it used to be known, allows an organization to manage credentials within their Windows Server 2003 and 2008 certification authorities. It acts like an administrative proxy, allowing you issue and manage digital certificates and smartcards through a web interface. The solution provides three different APIs (i.e. Provision, SQL and Notification) and a number of customizable interfaces, all of which allow you to customize CLM. This gives you the ability to greatly extend and expand the product's capabilities. For an overview of these APIs and interfaces, have a look at the Certificate Lifecycle Manager Overview on MSDN. Over the next few postings, I'll be looking at these APIs and interfaces in greater detail, to show you how they work and how they could be put to use in your CLM deployment. And I'd like to add a quick shout-out to David Lundell, over at ILM Best Practices , f
Read more