Introducing Azure AD Pass-Through Authentication and Seamless Single Sign-on

Now in public preview, Azure AD Pass-Through Authentication is a 3rd alternative in the options for “single sign-on” between Active Directory and Azure AD.  Designed to remove the infrastructure requirements of AD Federation Services, it provides a more seamless SSO experience than the Password Hash Sync through AAD Connect.   

 With the use of AAD Connect and a simple connector, AAD PTA relies on secure outbound communication to validate username  and password credentials against your on-premises Active Directory.  No need to sync AD passwords to AAD, nor deploy AD FS!

 https://blogs.technet.microsoft.com/enterprisemobility/2016/12/07/introducing-azuread-pass-through-authentication-and-seamless-single-sign-on/

 https://docs.microsoft.com/en-us/azure/active-directory/active-directory-aadconnect-pass-through-authentication

Comments

Post a Comment

Popular posts from this blog

Microsoft Customer Guidance for WannaCrypt Attacks

As you no doubt are aware, the WannaCrypt attacks over the last couple of weeks have been quite pervasive. Microsoft has provided some guidance on the WannaCrypt attacks that I thought you should be aware of, both for Azure as well as on-premises. https://azure.microsoft.com/en-us/blog/wannacrypt-attacks-guidance-for-azure-customers/ https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ Of note, Microsoft has released security patches for OS versions that are no longer in mainstream support, i.e. Windows XP, Windows 8 and Windows Server 2003.
Read more

Five reasons to run SQL Server 2016 on Windows Server 2016

The Microsoft SQL Server team is publishing a five-part series on why to run SQL Server 2016 on Windows Server 2016.   Can you guess reason #1?   Yes, it's security.  We're going to see a much bigger push on the MS front addressing its commitment to a holistic security approach across the whole Microsoft stack, building and integrating security throughout its platforms, and product and service offerings.  Read on to see how SQL Server 2016 on Windows Server 2016 increase your security posture, using features such as Device Guard, Credential Guard, Control Flow Guard and Windows Defender on Windows Server 2016 and Always Encrypted protection, Row-Level Security and Dynamic Data Masking in SQL Server 2016. https://blogs.technet.microsoft.com/hybridcloud/2017/03/23/five-reasons-to-run-sql-server-2016-on-windows-server-2016-1-security/ The second part of the series focuses on the performance increases and cost savings that can be had with SQL Server 2016 on Windows...
Read more

Eliminating Plaintext Passwords With Microsoft Advanced Threat Analytics Using LDAP

Happy New Year to everyone! To start off 2017 on an easy note, have a look at this article regarding the use of Microsoft Advanced Threat Analytics (ATA) to identify those applications and services that may still be sending passwords in plaintext in your network environment.  This is typically the result of simple LDAP binds being used for authentication purposes, which exposes your environment to attacks focused on privilege escalation. https://blogs.technet.microsoft.com/enterprisemobility/2017/01/09/eliminating-plaintext-passwords-with-microsoft-advanced-threat-analytics-using-ldap/
Read more