Solved

Microsoft ADAL requirements

Posted on 2016-09-20
4
72 Views
Last Modified: 2016-10-05
Hello Experts,

One of my main customers runs a Hybrid Organization Exchange 2010 and Office 365, with AD on Premises and Azure premium subscriptions for Production and QA. They also deployed a internal farm of ADFS servers and WAP servers to allow SSO for their applications and allowing integration with cloud partners.

Now my client is looking to implement ADAL and get rid off ADFS infrastructure for their hybrid organization.

So, here are my questions:

Is it safe to decommission ADFS infrastructure?

What are the requirements to implement ADAL into a hybrid organization like this?

What are the real benefits of implementing ADAL vs decommission ADFS?

Any dependencies that we should look around, such as O365? if so, what work is required to complete this transition?

Please, elaborate your answers, and do not simple copy and paste MS url links
0
Comment
Question by:Jerry Seinfield
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 41806803
ADAL is just the programmatic solution, i.e. a set of libraries/protocols. You still needs a backend servers to connect to and clients that 'talk' ADAL.

If you want a single sign-on solution, you will still need the on-prem AD FS infrastructure. What ADAL brings to this scenario is unified experience across all clients/devices, support for MFA, support for 3rd party solutions and more. But there is no "replacing" AD FS with ADAL.
0
 

Author Comment

by:Jerry Seinfield
ID: 41806840
Hi Basil,

Are you 100% sure that we still need ADFS infrastructure to allow SSO for a hybrid organization?

My software developers are saying that ADFS can be replaced b ADAL, but I am skeptical with getting rid off the ADFS in a hybrid organization
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 41807604
Yes, I'm sure. AD FS is not actually a requirement for Hybrid, but if you need true, seamless SSO experience, AD FS is still your only option.
0
 

Author Comment

by:Jerry Seinfield
ID: 41807979
sorry, Vasil, I am not following you,

for a hybrid organization Azure-AD and Exchange 2010-0365,  if we want to move forward with ADAL implementation and decommission ADFS , can we proceed or not?

Do we still need the ADFS infrastructure to allow SSO and federate applications with other partners?

My understanding is that Microsoft wants to deprecate ADFS in the future and use ADAL

Can you please research with Microsoft, and share their thoughts?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
In the market for a new backup solution for Windows Server 2016? Follow these guidelines to get the most bang for your buck.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question