Link to home
Start Free TrialLog in
Avatar of onlinerack
onlinerackFlag for United States of America

asked on

Azure Active Directory

Hello, I have a few questions around Azure AD and I am hoping some of the experts would help clarifying these areas.

  • When would you run separate domains in Azure? Factors to consider?
  • How SSO/MFA work with IAM and PIM?
  • Difference between Password Sync with SSO vs. Pass through authentication vs ADFS?

Regards,
J
ASKER CERTIFIED SOLUTION
Avatar of Cliff Galiher
Cliff Galiher
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of onlinerack

ASKER

Thanks Cliff for your quick response.  The first question about running separate domains in Azure, what is meant is should we extend our on prem domain into Azure or have a separate domain for Azure. Is the a best practice for that?

Regards,
J
Azure AD is its own thing. You can set up a sync client (which you need to do for password sync, pass through, or ADFS.) But it is never an extension of your existing domain. It also isn't really a new domain. It is, like I said it's own entity. So that question actually doesn't really apply either way.
Thanks Cliff, your answer given me the info I need.

Regards,
J