Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Microsoft ADAL requirements

Posted on 2016-09-20
4
Medium Priority
?
155 Views
Last Modified: 2016-10-05
Hello Experts,

One of my main customers runs a Hybrid Organization Exchange 2010 and Office 365, with AD on Premises and Azure premium subscriptions for Production and QA. They also deployed a internal farm of ADFS servers and WAP servers to allow SSO for their applications and allowing integration with cloud partners.

Now my client is looking to implement ADAL and get rid off ADFS infrastructure for their hybrid organization.

So, here are my questions:

Is it safe to decommission ADFS infrastructure?

What are the requirements to implement ADAL into a hybrid organization like this?

What are the real benefits of implementing ADAL vs decommission ADFS?

Any dependencies that we should look around, such as O365? if so, what work is required to complete this transition?

Please, elaborate your answers, and do not simple copy and paste MS url links
0
Comment
Question by:Jerry Seinfield
  • 2
  • 2
4 Comments
 
LVL 44

Accepted Solution

by:
Vasil Michev (MVP) earned 2000 total points
ID: 41806803
ADAL is just the programmatic solution, i.e. a set of libraries/protocols. You still needs a backend servers to connect to and clients that 'talk' ADAL.

If you want a single sign-on solution, you will still need the on-prem AD FS infrastructure. What ADAL brings to this scenario is unified experience across all clients/devices, support for MFA, support for 3rd party solutions and more. But there is no "replacing" AD FS with ADAL.
0
 

Author Comment

by:Jerry Seinfield
ID: 41806840
Hi Basil,

Are you 100% sure that we still need ADFS infrastructure to allow SSO for a hybrid organization?

My software developers are saying that ADFS can be replaced b ADAL, but I am skeptical with getting rid off the ADFS in a hybrid organization
0
 
LVL 44

Expert Comment

by:Vasil Michev (MVP)
ID: 41807604
Yes, I'm sure. AD FS is not actually a requirement for Hybrid, but if you need true, seamless SSO experience, AD FS is still your only option.
0
 

Author Comment

by:Jerry Seinfield
ID: 41807979
sorry, Vasil, I am not following you,

for a hybrid organization Azure-AD and Exchange 2010-0365,  if we want to move forward with ADAL implementation and decommission ADFS , can we proceed or not?

Do we still need the ADFS infrastructure to allow SSO and federate applications with other partners?

My understanding is that Microsoft wants to deprecate ADFS in the future and use ADAL

Can you please research with Microsoft, and share their thoughts?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question