jskfan
asked on
Using Azure AD for federation
Using Azure AD for federation
I would like to know when 2 companies decide to authenticate each other users, whether they both should be in the cloud (Azure AD) and that will be enough or they also should have ADFS on the premises:
looking at this article , there is ADFS:
https://www.sherweb.com/blog/microsoft-365/active-directory-federation-services/
Thank you
I would like to know when 2 companies decide to authenticate each other users, whether they both should be in the cloud (Azure AD) and that will be enough or they also should have ADFS on the premises:
looking at this article , there is ADFS:
https://www.sherweb.com/blog/microsoft-365/active-directory-federation-services/
Thank you
Based on the "each other's users" comment, the answer is probably neither. But understanding what is being granted access and the type of business relationship would be helpful.
I would like to know when 2 companies decide to authenticate each other users, whether they both should be in the cloud (Azure AD) and that will be enoughThere is no requirement for the other side to have either ADFS or AAD to be given access your Azure AD environment. If they have their own Azure AD tenant, they can authenticate against that. If they don't, they will authenticate against your tenant as a guest or they can use say their Google account, their own Microsoft account, etc.
ASKER
So no ADFS needed with nowadays Azure cloud implementation ?
It could be that the article posted is old..
It could be that the article posted is old..
The only reason you needed ADFS for Azure was if you were not Syncing Passwords with AADConnect (or doing passthru auth). If you have AADConnect setup with either Password Hash sync or Pass-through authentication, then you do not need ADFS (it adds clunkiness in my opinion and experience) If you have AADconnect setup properly, you can use Azure MFA easily enough.
There may be other reasons (use 3rd party MFA solutions, etc...) to use ADFS still but it is not required.
There may be other reasons (use 3rd party MFA solutions, etc...) to use ADFS still but it is not required.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.