Solved

Microsoft ADAL requirements

Posted on 2016-09-20
4
82 Views
Last Modified: 2016-10-05
Hello Experts,

One of my main customers runs a Hybrid Organization Exchange 2010 and Office 365, with AD on Premises and Azure premium subscriptions for Production and QA. They also deployed a internal farm of ADFS servers and WAP servers to allow SSO for their applications and allowing integration with cloud partners.

Now my client is looking to implement ADAL and get rid off ADFS infrastructure for their hybrid organization.

So, here are my questions:

Is it safe to decommission ADFS infrastructure?

What are the requirements to implement ADAL into a hybrid organization like this?

What are the real benefits of implementing ADAL vs decommission ADFS?

Any dependencies that we should look around, such as O365? if so, what work is required to complete this transition?

Please, elaborate your answers, and do not simple copy and paste MS url links
0
Comment
Question by:Jerry Seinfield
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
Vasil Michev (MVP) earned 500 total points
ID: 41806803
ADAL is just the programmatic solution, i.e. a set of libraries/protocols. You still needs a backend servers to connect to and clients that 'talk' ADAL.

If you want a single sign-on solution, you will still need the on-prem AD FS infrastructure. What ADAL brings to this scenario is unified experience across all clients/devices, support for MFA, support for 3rd party solutions and more. But there is no "replacing" AD FS with ADAL.
0
 

Author Comment

by:Jerry Seinfield
ID: 41806840
Hi Basil,

Are you 100% sure that we still need ADFS infrastructure to allow SSO for a hybrid organization?

My software developers are saying that ADFS can be replaced b ADAL, but I am skeptical with getting rid off the ADFS in a hybrid organization
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 41807604
Yes, I'm sure. AD FS is not actually a requirement for Hybrid, but if you need true, seamless SSO experience, AD FS is still your only option.
0
 

Author Comment

by:Jerry Seinfield
ID: 41807979
sorry, Vasil, I am not following you,

for a hybrid organization Azure-AD and Exchange 2010-0365,  if we want to move forward with ADAL implementation and decommission ADFS , can we proceed or not?

Do we still need the ADFS infrastructure to allow SSO and federate applications with other partners?

My understanding is that Microsoft wants to deprecate ADFS in the future and use ADAL

Can you please research with Microsoft, and share their thoughts?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unable to request new certificate from NPS server 10 40
Missing Site/Sharepoint Options 3 22
SMTP Relay in Office 365? 3 44
Advanced Auditing issue 3 22
Read this checklist to learn more about the 15 things you should never include in an email signature.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This Experts Exchange lesson shows how to use VBA to loop through rows in Excel.  In order to sort, filter, and use database features, there needs to be a value in each column for every row. When data arrives with values missing, code to copy values…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question