Solved

Microsoft ADAL requirements

Posted on 2016-09-20
4
101 Views
Last Modified: 2016-10-05
Hello Experts,

One of my main customers runs a Hybrid Organization Exchange 2010 and Office 365, with AD on Premises and Azure premium subscriptions for Production and QA. They also deployed a internal farm of ADFS servers and WAP servers to allow SSO for their applications and allowing integration with cloud partners.

Now my client is looking to implement ADAL and get rid off ADFS infrastructure for their hybrid organization.

So, here are my questions:

Is it safe to decommission ADFS infrastructure?

What are the requirements to implement ADAL into a hybrid organization like this?

What are the real benefits of implementing ADAL vs decommission ADFS?

Any dependencies that we should look around, such as O365? if so, what work is required to complete this transition?

Please, elaborate your answers, and do not simple copy and paste MS url links
0
Comment
Question by:Jerry Seinfield
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 41

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 41806803
ADAL is just the programmatic solution, i.e. a set of libraries/protocols. You still needs a backend servers to connect to and clients that 'talk' ADAL.

If you want a single sign-on solution, you will still need the on-prem AD FS infrastructure. What ADAL brings to this scenario is unified experience across all clients/devices, support for MFA, support for 3rd party solutions and more. But there is no "replacing" AD FS with ADAL.
0
 

Author Comment

by:Jerry Seinfield
ID: 41806840
Hi Basil,

Are you 100% sure that we still need ADFS infrastructure to allow SSO for a hybrid organization?

My software developers are saying that ADFS can be replaced b ADAL, but I am skeptical with getting rid off the ADFS in a hybrid organization
0
 
LVL 41

Expert Comment

by:Vasil Michev (MVP)
ID: 41807604
Yes, I'm sure. AD FS is not actually a requirement for Hybrid, but if you need true, seamless SSO experience, AD FS is still your only option.
0
 

Author Comment

by:Jerry Seinfield
ID: 41807979
sorry, Vasil, I am not following you,

for a hybrid organization Azure-AD and Exchange 2010-0365,  if we want to move forward with ADAL implementation and decommission ADFS , can we proceed or not?

Do we still need the ADFS infrastructure to allow SSO and federate applications with other partners?

My understanding is that Microsoft wants to deprecate ADFS in the future and use ADAL

Can you please research with Microsoft, and share their thoughts?
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Optimized for private cloud infrastructures and datacenters, Nano Server is minimalistic, yet super-efficient, OS for services such as Hyper-V and Hyper-V cluster. Learn how you can easily deploy Nano Server and unlock its power!
Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question